| |
| |||||||
Log-Analyse und Auswertung: Backdoor.Win32.Androm.fxulWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
09.01.2015, 22:10
| #1 |
| |  Backdoor.Win32.Androm.fxul Hallo zusammen, ich glaub ich hab ein kleines problemchen. Meine Freundin hat eine email "Rechtsanwalt Direkt Pay AG" bekommen da sollte sie angeblich eine rechnung nicht bezahlt haben, aufjedenfall als sie das email öffnete und den anhang angeklickt hat  reagierte Kaspersky sofort. Ich bin dann auf Kaspersky und da stand malware gefunen oder sowas dann konnte ich entscheiden zwischen überspringen beenden unso. Ich hab auf beenden geklickt. Dannach gleich mal einen vollen system untersuchung gemacht und Kaspersky hat nix festgestellt. Jetzt steht halt auf GEfundene Objekte "gefundenes objekt (datei) ist nicht mehr verfügbar...heißt das, dass mein pc sauber ist? Haben wir glück gehabt? danke schon mal für die hilfe und sorry für mein deutsch hehe  LG J.Jr |
|
09.01.2015, 22:18
| #2 |
| /// the machine /// TB-Ausbilder    | Backdoor.Win32.Androm.fxul hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
09.01.2015, 22:44
| #3 |
| | Backdoor.Win32.Androm.fxul Hi Schrauber,
__________________FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015 Ran by Anja (administrator) on ANJA-PC on 09-01-2015 22:39:25 Running from C:\Users\Anja\Downloads Loaded Profile: Anja (Available profiles: Anja) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated) HKU\S-1-5-21-543541227-4233948613-3656747902-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKU\S-1-5-21-543541227-4233948613-3656747902-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-543541227-4233948613-3656747902-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe [855216 2014-12-10] (Adobe Systems Incorporated) HKU\S-1-5-21-543541227-4233948613-3656747902-1000\...\MountPoints2: {0e2adbd7-9927-11e2-a6d5-00040ec9d5d8} - G:\pushinst.exe HKU\S-1-5-21-543541227-4233948613-3656747902-1000\...\MountPoints2: {20312bef-5b20-11e1-a152-e4a52adaf7ec} - G:\pushinst.exe HKU\S-1-5-21-543541227-4233948613-3656747902-1000\...\MountPoints2: {a38a6e4f-5f8e-11e3-bd3b-806e6f6e6963} - E:\Autorun.exe HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-543541227-4233948613-3656747902-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Anja\AppData\Roaming\Mozilla\Firefox\Profiles\gs9dkmup.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-12-04] FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-12-04] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-07-03] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-07-03] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-07-03] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-07-03] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-07-03] Chrome: ======= CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found] CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.) [File not signed] R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-07-03] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-07-03] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-07-03] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-07-03] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-07-03] (Kaspersky Lab ZAO) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-09] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-09 22:39 - 2015-01-09 22:39 - 00014441 _____ () C:\Users\Anja\Downloads\FRST.txt 2015-01-09 22:39 - 2015-01-09 22:39 - 00000000 ____D () C:\FRST 2015-01-09 22:38 - 2015-01-09 22:38 - 02124288 _____ (Farbar) C:\Users\Anja\Downloads\FRST64.exe 2015-01-09 18:41 - 2015-01-09 21:06 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-09 18:40 - 2015-01-09 18:40 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Anja\Downloads\mbam-setup-2.0.4.1028.exe 2015-01-09 18:40 - 2015-01-09 18:40 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-09 18:40 - 2015-01-09 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-09 18:40 - 2015-01-09 18:40 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-09 18:40 - 2015-01-09 18:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-09 18:40 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-09 18:40 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-09 18:40 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-12-19 00:24 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-19 00:24 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-18 19:24 - 2014-12-18 19:24 - 01054912 _____ (Adobe) C:\Users\Anja\Downloads\install_flashplayer16x32au_ltr5x64d_awc_aih.exe 2014-12-14 03:20 - 2014-12-14 03:20 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-14 03:00 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-14 03:00 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-12-13 19:33 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-13 19:33 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-13 19:33 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-13 19:33 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-13 19:33 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-13 19:33 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-13 19:33 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-13 19:33 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-13 19:33 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-13 19:33 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-13 19:33 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-13 19:33 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-13 19:33 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-13 19:33 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-13 19:33 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-13 19:33 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-13 19:33 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-13 19:33 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-13 19:33 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-13 19:33 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-13 19:33 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-13 19:33 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-13 19:33 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-13 19:33 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-13 19:33 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-12-13 19:33 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-13 19:33 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-13 19:33 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-13 19:33 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-13 19:33 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-13 19:33 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-12-13 19:33 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-13 19:33 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-12-13 19:33 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-13 19:33 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-13 19:33 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-13 19:33 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-13 19:33 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-13 19:33 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-13 19:33 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-13 19:33 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-12-13 19:33 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-13 19:33 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-13 19:33 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-13 19:33 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-13 19:33 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-13 19:33 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-13 19:33 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-13 19:33 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-13 19:33 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-13 19:33 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-13 19:33 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-13 19:33 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-13 19:33 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-13 19:31 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-13 19:31 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-13 19:31 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-13 19:31 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-13 19:31 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-13 19:31 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-13 19:31 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-13 19:31 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-13 19:31 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-13 19:31 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-13 19:31 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-13 19:31 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-13 19:31 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-13 19:31 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-13 19:31 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-13 19:31 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-13 19:31 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-13 19:31 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-13 19:31 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-13 19:31 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-13 19:31 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-13 19:31 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-13 19:31 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2014-12-13 19:30 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-13 19:30 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-09 22:37 - 2013-12-08 01:58 - 00000281 _____ () C:\Users\Anja\Desktop\....txt 2015-01-09 22:37 - 2012-02-20 17:55 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Skype 2015-01-09 21:58 - 2014-07-03 16:25 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2015-01-09 21:52 - 2012-04-08 19:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-09 19:57 - 2012-02-19 17:44 - 01322880 _____ () C:\Windows\WindowsUpdate.log 2015-01-09 19:23 - 2012-02-19 18:02 - 00000000 ____D () C:\Users\Anja 2015-01-06 20:03 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-06 20:03 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-06 19:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-06 19:54 - 2009-07-14 05:51 - 00088306 _____ () C:\Windows\setupact.log 2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-12-14 09:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-12-14 03:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-14 03:20 - 2014-05-06 21:01 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-14 03:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-14 03:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-14 03:05 - 2013-08-20 18:39 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-14 03:01 - 2012-02-23 18:27 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-10 01:52 - 2014-09-09 19:53 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-12-10 01:52 - 2012-04-08 19:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-10 01:52 - 2012-04-08 19:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-10 01:52 - 2012-02-19 20:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl Some content of TEMP: ==================== C:\Users\Anja\AppData\Local\Temp\AskSLib.dll C:\Users\Anja\AppData\Local\Temp\AutoRun.exe C:\Users\Anja\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Anja\AppData\Local\Temp\avgnt.exe C:\Users\Anja\AppData\Local\Temp\devcon.exe C:\Users\Anja\AppData\Local\Temp\drm_dialogs.dll C:\Users\Anja\AppData\Local\Temp\drm_dyndata_7320013.dll C:\Users\Anja\AppData\Local\Temp\drm_dyndata_7330014.dll C:\Users\Anja\AppData\Local\Temp\eauninstall.exe C:\Users\Anja\AppData\Local\Temp\FileSystemView.dll C:\Users\Anja\AppData\Local\Temp\First15.exe C:\Users\Anja\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\Anja\AppData\Local\Temp\SkypeSetup.exe C:\Users\Anja\AppData\Local\Temp\The Sims 2 Bon Voyage_uninst.exe C:\Users\Anja\AppData\Local\Temp\vlc-2.0.6-win32.exe C:\Users\Anja\AppData\Local\Temp\vlc-2.1.3-win32.exe C:\Users\Anja\AppData\Local\Temp\VP6Install.exe C:\Users\Anja\AppData\Local\Temp\VP6VFW.dll C:\Users\Anja\AppData\Local\Temp\_is238B.exe C:\Users\Anja\AppData\Local\Temp\_is8F96.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-06 22:17 ==================== End Of Log ============================ Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Anja at 2015-01-09 22:40:07
Running from C:\Users\Anja\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10707 - ATI Technologies Inc.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon MX300 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX300_series) (Version: - )
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
Die Sims 2: Family Fun - Accessoires (HKLM-x32\...\{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}) (Version: - )
Die Sims 2: Nightlife (HKLM-x32\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version: - )
Die Sims 2: Wilde Campus-Jahre (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version: - )
Die Sims™ 2 Gute Reise (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
Die Sims™ 2 H&M®-Fashion-Accessoires (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
Die Sims™ 2 Haustiere (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 34.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 de)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.25.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.25.0 - Renesas Electronics Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
10-12-2014 02:59:33 Windows Update
13-12-2014 19:31:04 Windows Update
14-12-2014 03:00:12 Windows Update
19-12-2014 03:00:14 Windows Update
06-01-2015 20:00:33 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {13A583B7-CD66-4FE1-B32D-FF19B71C9501} - System32\Tasks\{DB137627-457C-4CCD-83BD-C5107E564E45} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {19393654-FC8A-4C4F-AA3C-BF913F20E108} - System32\Tasks\{D06AB10F-4E80-4D77-ABE3-EBCC6F147222} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {2E85B98D-39E7-4900-AD7B-9D69895D8A4D} - System32\Tasks\{B759CE1E-0071-4646-9101-BB69C60331E4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {323FE91E-BA23-42E5-9D77-FB2D6DBBA52F} - System32\Tasks\{4BA68CC8-DCFC-402E-8291-E12BCF41B027} => pcalua.exe -a "E:\Drivers\Chipset\NVIDIA nForce Driver\NFref_1549_w7vs64\setup.exe" -d "E:\Drivers\Chipset\NVIDIA nForce Driver\NFref_1549_w7vs64"
Task: {3283E654-BD6C-4C4E-B970-D1F8A771AC6B} - System32\Tasks\{440DD2DB-AEB8-4206-8CBC-0B4A4F1E846F} => pcalua.exe -a "E:\Drivers\Chipset\Intel®\Intel® Management Engine\Driver for Intel 5 Series Chipset-Based Desktop Boards\setup.exe" -d "E:\Drivers\Chipset\Intel®\Intel® Management Engine\Driver for Intel 5 Series Chipset-Based Desktop Boards"
Task: {6459A46A-C9E6-44CB-BB41-E9B72A378536} - System32\Tasks\{3AB326BC-E5D8-4D8D-BEDB-02A7FA4BD842} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {687D8173-318B-48AE-9BA4-4DF9F0BD7246} - System32\Tasks\{FF531ECF-3F45-4C69-98D2-775EA7417805} => C:\Program Files (x86)\EA GAMES\Die Sims 2 Gute Reise\TSBin\Sims2Launcher.exe [2007-08-04] (Electronic Arts)
Task: {83008343-0767-4049-B08C-93A03FA6DAC9} - System32\Tasks\{3D47F964-1BF2-4FBF-A8FC-BAF97CAB8A0E} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {D3B31523-5D22-4D22-B41A-65EDC4675BCF} - System32\Tasks\{41979F78-5135-494B-96CC-5B9606F443D7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1603
Task: {E4CFC740-A5B6-4B83-A5EB-4D1F1E73AF1F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-10-08 09:35 - 2013-10-08 09:35 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-10-08 09:34 - 2013-10-08 09:34 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-12-04 19:59 - 2014-12-04 19:59 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-543541227-4233948613-3656747902-500 - Administrator - Disabled)
Anja (S-1-5-21-543541227-4233948613-3656747902-1000 - Administrator - Enabled) => C:\Users\Anja
Gast (S-1-5-21-543541227-4233948613-3656747902-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-543541227-4233948613-3656747902-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: High Definition Audio-Controller
Description: High Definition Audio-Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/06/2015 07:56:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/22/2014 06:54:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/18/2014 07:20:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/15/2014 07:17:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/14/2014 11:01:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.0.5442, Zeitstempel: 0x54754d35
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1120
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/14/2014 03:23:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/13/2014 07:25:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 00:58:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/08/2014 02:43:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.0.5442, Zeitstempel: 0x54754d35
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.0.5442, Zeitstempel: 0x54754649
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x13b4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/08/2014 02:42:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.0.5442, Zeitstempel: 0x54754d35
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.0.5442, Zeitstempel: 0x54754649
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xe2c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
System errors:
=============
Error: (12/05/2014 07:12:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 04.12.2014 um 21:35:59 unerwartet heruntergefahren.
Error: (11/13/2014 06:12:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (10/16/2014 02:50:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB2952664)
Error: (10/16/2014 02:48:24 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005
Error: (10/16/2014 02:48:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (10/05/2014 06:09:47 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.25
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (10/03/2014 04:21:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "AMD FUEL Service" wurde nicht richtig gestartet.
Error: (09/14/2014 02:14:38 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "AMD FUEL Service" wurde nicht richtig gestartet.
Error: (08/17/2014 02:25:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 17.08.2014 um 15:19:32 unerwartet heruntergefahren.
Error: (08/17/2014 07:41:15 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.25
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Microsoft Office Sessions:
=========================
Error: (01/06/2015 07:56:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/22/2014 06:54:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/18/2014 07:20:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/15/2014 07:17:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/14/2014 11:01:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.0.544254754d35KERNELBASE.dll6.1.7601.1840953159a86800000030000c42d112001d01776398f8247C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\syswow64\KERNELBASE.dll1c052b9a-8378-11e4-b5d2-8c89a580c50d
Error: (12/14/2014 03:23:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/13/2014 07:25:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2014 00:58:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/08/2014 02:43:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.0.544254754d35mozalloc.dll34.0.0.544254754649800000030000142513b401d0127cfc4f0235C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll8a2ca68a-7e7b-11e4-adbe-8c89a580c50d
Error: (12/08/2014 02:42:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.0.544254754d35mozalloc.dll34.0.0.5442547546498000000300001425e2c01d0126fad441becC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll815109ec-7e7b-11e4-adbe-8c89a580c50d
CodeIntegrity Errors:
===================================
Date: 2014-10-11 10:25:47.308
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-11 10:25:47.308
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-11 10:25:47.292
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-11 10:25:47.292
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-11 10:25:47.277
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-11 10:25:47.277
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-10 06:30:15.797
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-10 06:30:15.797
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-10 06:30:15.797
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-10 06:30:15.782
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD A6-3600 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 30%
Total physical RAM: 7672.13 MB
Available physical RAM: 5364.28 MB
Total Pagefile: 15342.45 MB
Available Pagefile: 12629.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:880.41 GB) (Free:817.28 GB) NTFS
Drive d: () (Fixed) (Total:50 GB) (Free:25.1 GB) NTFS
Drive e: (Sims2EP6) (CDROM) (Total:0.75 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
|
|
10.01.2015, 11:42
| #4 |
| /// the machine /// TB-Ausbilder | Backdoor.Win32.Androm.fxul hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.01.2015, 12:27
| #5 |
| | Backdoor.Win32.Androm.fxul Guten Morgen, Code:
ATTFilter 12:02:01.0269 0x11ac TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
12:02:06.0751 0x11ac ============================================================
12:02:06.0751 0x11ac Current date / time: 2015/01/10 12:02:06.0751
12:02:06.0751 0x11ac SystemInfo:
12:02:06.0752 0x11ac
12:02:06.0752 0x11ac OS Version: 6.1.7601 ServicePack: 1.0
12:02:06.0752 0x11ac Product type: Workstation
12:02:06.0752 0x11ac ComputerName: ANJA-PC
12:02:06.0752 0x11ac UserName: Anja
12:02:06.0752 0x11ac Windows directory: C:\Windows
12:02:06.0752 0x11ac System windows directory: C:\Windows
12:02:06.0752 0x11ac Running under WOW64
12:02:06.0752 0x11ac Processor architecture: Intel x64
12:02:06.0752 0x11ac Number of processors: 4
12:02:06.0752 0x11ac Page size: 0x1000
12:02:06.0752 0x11ac Boot type: Normal boot
12:02:06.0752 0x11ac ============================================================
12:02:07.0277 0x11ac KLMD registered as C:\Windows\system32\drivers\32196738.sys
12:02:07.0843 0x11ac System UUID: {AEC8A2BD-01F8-982B-ADCA-40A0D2179639}
12:02:08.0821 0x11ac Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:02:08.0831 0x11ac ============================================================
12:02:08.0831 0x11ac \Device\Harddisk0\DR0:
12:02:08.0832 0x11ac MBR partitions:
12:02:08.0832 0x11ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:02:08.0832 0x11ac \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6E0D3000
12:02:08.0832 0x11ac \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6E106000, BlocksNum 0x6400000
12:02:08.0832 0x11ac ============================================================
12:02:08.0836 0x11ac C: <-> \Device\Harddisk0\DR0\Partition2
12:02:08.0870 0x11ac D: <-> \Device\Harddisk0\DR0\Partition3
12:02:08.0870 0x11ac ============================================================
12:02:08.0871 0x11ac Initialize success
12:02:08.0871 0x11ac ============================================================
12:03:20.0099 0x0180 ============================================================
12:03:20.0099 0x0180 Scan started
12:03:20.0099 0x0180 Mode: Manual; SigCheck; TDLFS;
12:03:20.0099 0x0180 ============================================================
12:03:20.0099 0x0180 KSN ping started
12:03:33.0768 0x0180 KSN ping finished: true
12:03:34.0705 0x0180 ================ Scan system memory ========================
12:03:34.0705 0x0180 System memory - ok
12:03:34.0706 0x0180 ================ Scan services =============================
12:03:34.0863 0x0180 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:03:35.0113 0x0180 1394ohci - ok
12:03:35.0141 0x0180 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:03:35.0163 0x0180 ACPI - ok
12:03:35.0180 0x0180 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:03:35.0215 0x0180 AcpiPmi - ok
12:03:35.0313 0x0180 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:03:35.0341 0x0180 AdobeARMservice - ok
12:03:35.0472 0x0180 [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:03:35.0498 0x0180 AdobeFlashPlayerUpdateSvc - ok
12:03:35.0526 0x0180 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:03:35.0551 0x0180 adp94xx - ok
12:03:35.0570 0x0180 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:03:35.0590 0x0180 adpahci - ok
12:03:35.0608 0x0180 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:03:35.0624 0x0180 adpu320 - ok
12:03:35.0655 0x0180 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:03:35.0692 0x0180 AeLookupSvc - ok
12:03:35.0755 0x0180 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:03:35.0801 0x0180 AFD - ok
12:03:35.0824 0x0180 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:03:35.0837 0x0180 agp440 - ok
12:03:35.0849 0x0180 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:03:35.0878 0x0180 ALG - ok
12:03:35.0894 0x0180 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:03:35.0906 0x0180 aliide - ok
12:03:35.0934 0x0180 [ 68B2C801CDB2B3838E9C27C3C6F66C73, D2E7A062973CB4D1C33A299D5AEFCE943EB59934EBA427F3C99D03A56EFF7A96 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:03:35.0969 0x0180 AMD External Events Utility - ok
12:03:36.0020 0x0180 AMD FUEL Service - ok
12:03:36.0052 0x0180 [ 30BFEEE0DFFD5BD79D29157CF080DEED, D3176AA5CFD43CAE7180E9E51A2C76DC2AC02897CA730391A54F647D263ED4E0 ] amdhub30 C:\Windows\system32\DRIVERS\amdhub30.sys
12:03:36.0131 0x0180 amdhub30 - ok
12:03:36.0141 0x0180 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:03:36.0154 0x0180 amdide - ok
12:03:36.0168 0x0180 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
12:03:36.0178 0x0180 amdiox64 - ok
12:03:36.0188 0x0180 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:03:36.0211 0x0180 AmdK8 - ok
12:03:36.0639 0x0180 [ 784C941B5A19D69814F9514CFB733906, 496E78FE91B1D6E146EEB79297C4A131D50875A8385438C376CA58A245D4A77E ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:03:37.0146 0x0180 amdkmdag - ok
12:03:37.0212 0x0180 [ 954759EAE7FB2591A5E7206AB0093AE7, A47FFCE75767CFE79A1CD2B42DC1FEEC8C65C0E503289DC70B751FECDD9CE9FF ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:03:37.0246 0x0180 amdkmdap - ok
12:03:37.0276 0x0180 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:03:37.0299 0x0180 AmdPPM - ok
12:03:37.0326 0x0180 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:03:37.0342 0x0180 amdsata - ok
12:03:37.0359 0x0180 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:03:37.0376 0x0180 amdsbs - ok
12:03:37.0395 0x0180 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:03:37.0408 0x0180 amdxata - ok
12:03:37.0428 0x0180 [ 321533578132C811EC834A1B741C994C, 82B62C52018655B8A596E1E503CB31F0FA581780425A9FF44BE1248C0F3D4B3E ] amdxhc C:\Windows\system32\DRIVERS\amdxhc.sys
12:03:37.0443 0x0180 amdxhc - ok
12:03:37.0472 0x0180 [ F9D46B6B322708BD5AFCC8767EBDC901, BD4872A62516D8326D43FD37A8BECEBADB80C51CD79506FD8A2013358710F774 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
12:03:37.0484 0x0180 amd_sata - ok
12:03:37.0492 0x0180 [ 329CC9C7E20DEEBCD4CD10816193EF14, FA217536D56EA0BFC783FC29919F529A9AF8E0F7B2A49AA452B218BC6F1E0366 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
12:03:37.0502 0x0180 amd_xata - ok
12:03:37.0527 0x0180 [ F2154A205F4B784B61A72AEBC72BDC5F, A1D962BCF952FAD8016D9210327E7C1044BF4D3D035C7443F8671DDA16E0A390 ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
12:03:37.0539 0x0180 AODDriver4.2 - ok
12:03:37.0567 0x0180 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys
12:03:37.0595 0x0180 AppID - ok
12:03:37.0618 0x0180 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:03:37.0631 0x0180 AppIDSvc - ok
12:03:37.0662 0x0180 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:03:37.0685 0x0180 Appinfo - ok
12:03:37.0705 0x0180 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:03:37.0718 0x0180 arc - ok
12:03:37.0735 0x0180 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:03:37.0749 0x0180 arcsas - ok
12:03:37.0830 0x0180 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:03:37.0847 0x0180 aspnet_state - ok
12:03:37.0860 0x0180 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:03:37.0895 0x0180 AsyncMac - ok
12:03:37.0909 0x0180 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:03:37.0922 0x0180 atapi - ok
12:03:37.0950 0x0180 [ 37CB595C0AB20ECBFA5170D3185690DB, 23CA3DC63C35649021AAFF0721BA8A7DF546B5CD1530A35AAAC3E742A787A7D2 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:03:37.0964 0x0180 AtiHDAudioService - ok
12:03:38.0010 0x0180 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:03:38.0059 0x0180 AudioEndpointBuilder - ok
12:03:38.0081 0x0180 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:03:38.0112 0x0180 AudioSrv - ok
12:03:38.0148 0x0180 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
12:03:38.0159 0x0180 avmeject - ok
12:03:38.0205 0x0180 [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
12:03:38.0223 0x0180 AVP - ok
12:03:38.0248 0x0180 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:03:38.0285 0x0180 AxInstSV - ok
12:03:38.0319 0x0180 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:03:38.0351 0x0180 b06bdrv - ok
12:03:38.0371 0x0180 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:03:38.0390 0x0180 b57nd60a - ok
12:03:38.0408 0x0180 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:03:38.0422 0x0180 BDESVC - ok
12:03:38.0444 0x0180 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:03:38.0508 0x0180 Beep - ok
12:03:38.0557 0x0180 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:03:38.0598 0x0180 BFE - ok
12:03:38.0645 0x0180 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:03:38.0703 0x0180 BITS - ok
12:03:38.0716 0x0180 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:03:38.0736 0x0180 blbdrive - ok
12:03:38.0767 0x0180 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:03:38.0781 0x0180 bowser - ok
12:03:38.0791 0x0180 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:03:38.0815 0x0180 BrFiltLo - ok
12:03:38.0828 0x0180 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:03:38.0843 0x0180 BrFiltUp - ok
12:03:38.0868 0x0180 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:03:38.0885 0x0180 Browser - ok
12:03:38.0903 0x0180 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:03:38.0927 0x0180 Brserid - ok
12:03:38.0939 0x0180 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:03:38.0955 0x0180 BrSerWdm - ok
12:03:38.0962 0x0180 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:03:38.0995 0x0180 BrUsbMdm - ok
12:03:39.0000 0x0180 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:03:39.0018 0x0180 BrUsbSer - ok
12:03:39.0033 0x0180 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:03:39.0063 0x0180 BTHMODEM - ok
12:03:39.0086 0x0180 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:03:39.0125 0x0180 bthserv - ok
12:03:39.0139 0x0180 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:03:39.0196 0x0180 cdfs - ok
12:03:39.0210 0x0180 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:03:39.0226 0x0180 cdrom - ok
12:03:39.0241 0x0180 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:03:39.0278 0x0180 CertPropSvc - ok
12:03:39.0293 0x0180 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:03:39.0308 0x0180 circlass - ok
12:03:39.0329 0x0180 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:03:39.0350 0x0180 CLFS - ok
12:03:39.0391 0x0180 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:03:39.0422 0x0180 clr_optimization_v2.0.50727_32 - ok
12:03:39.0443 0x0180 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:03:39.0463 0x0180 clr_optimization_v2.0.50727_64 - ok
12:03:39.0515 0x0180 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:03:39.0548 0x0180 clr_optimization_v4.0.30319_32 - ok
12:03:39.0564 0x0180 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:03:39.0588 0x0180 clr_optimization_v4.0.30319_64 - ok
12:03:39.0600 0x0180 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:03:39.0612 0x0180 CmBatt - ok
12:03:39.0636 0x0180 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:03:39.0648 0x0180 cmdide - ok
12:03:39.0680 0x0180 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:03:39.0713 0x0180 CNG - ok
12:03:39.0729 0x0180 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:03:39.0742 0x0180 Compbatt - ok
12:03:39.0755 0x0180 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:03:39.0783 0x0180 CompositeBus - ok
12:03:39.0793 0x0180 COMSysApp - ok
12:03:39.0810 0x0180 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:03:39.0822 0x0180 crcdisk - ok
12:03:39.0852 0x0180 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:03:39.0881 0x0180 CryptSvc - ok
12:03:39.0919 0x0180 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:03:39.0968 0x0180 DcomLaunch - ok
12:03:40.0002 0x0180 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:03:40.0053 0x0180 defragsvc - ok
12:03:40.0074 0x0180 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:03:40.0119 0x0180 DfsC - ok
12:03:40.0143 0x0180 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:03:40.0166 0x0180 Dhcp - ok
12:03:40.0180 0x0180 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:03:40.0217 0x0180 discache - ok
12:03:40.0236 0x0180 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:03:40.0251 0x0180 Disk - ok
12:03:40.0272 0x0180 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:03:40.0298 0x0180 Dnscache - ok
12:03:40.0317 0x0180 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:03:40.0368 0x0180 dot3svc - ok
12:03:40.0382 0x0180 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:03:40.0422 0x0180 DPS - ok
12:03:40.0486 0x0180 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:03:40.0510 0x0180 drmkaud - ok
12:03:40.0567 0x0180 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:03:40.0611 0x0180 DXGKrnl - ok
12:03:40.0626 0x0180 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:03:40.0665 0x0180 EapHost - ok
12:03:40.0799 0x0180 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:03:40.0978 0x0180 ebdrv - ok
12:03:41.0004 0x0180 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
12:03:41.0032 0x0180 EFS - ok
12:03:41.0102 0x0180 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:03:41.0144 0x0180 ehRecvr - ok
12:03:41.0181 0x0180 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:03:41.0215 0x0180 ehSched - ok
12:03:41.0246 0x0180 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:03:41.0273 0x0180 elxstor - ok
12:03:41.0285 0x0180 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:03:41.0316 0x0180 ErrDev - ok
12:03:41.0355 0x0180 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:03:41.0404 0x0180 EventSystem - ok
12:03:41.0428 0x0180 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:03:41.0470 0x0180 exfat - ok
12:03:41.0485 0x0180 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:03:41.0535 0x0180 fastfat - ok
12:03:41.0575 0x0180 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:03:41.0607 0x0180 Fax - ok
12:03:41.0626 0x0180 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:03:41.0638 0x0180 fdc - ok
12:03:41.0653 0x0180 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:03:41.0689 0x0180 fdPHost - ok
12:03:41.0704 0x0180 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:03:41.0740 0x0180 FDResPub - ok
12:03:41.0756 0x0180 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:03:41.0769 0x0180 FileInfo - ok
12:03:41.0783 0x0180 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:03:41.0835 0x0180 Filetrace - ok
12:03:41.0851 0x0180 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:03:41.0863 0x0180 flpydisk - ok
12:03:41.0881 0x0180 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:03:41.0900 0x0180 FltMgr - ok
12:03:41.0986 0x0180 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:03:42.0041 0x0180 FontCache - ok
12:03:42.0073 0x0180 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:03:42.0086 0x0180 FontCache3.0.0.0 - ok
12:03:42.0098 0x0180 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:03:42.0113 0x0180 FsDepends - ok
12:03:42.0132 0x0180 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:03:42.0144 0x0180 Fs_Rec - ok
12:03:42.0171 0x0180 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:03:42.0194 0x0180 fvevol - ok
12:03:42.0264 0x0180 [ 444534CBA693DD23C1CC589681E01656, DF8ED7FFA66E0A88EBB58A491A177D8CEB35B08B0911D7A1F4B8865755DC27CE ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys
12:03:42.0297 0x0180 FWLANUSB - ok
12:03:42.0320 0x0180 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:03:42.0334 0x0180 gagp30kx - ok
12:03:42.0375 0x0180 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:03:42.0431 0x0180 gpsvc - ok
12:03:42.0449 0x0180 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:03:42.0461 0x0180 hcw85cir - ok
12:03:42.0511 0x0180 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:03:42.0537 0x0180 HdAudAddService - ok
12:03:42.0548 0x0180 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:03:42.0566 0x0180 HDAudBus - ok
12:03:42.0574 0x0180 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:03:42.0600 0x0180 HidBatt - ok
12:03:42.0618 0x0180 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:03:42.0644 0x0180 HidBth - ok
12:03:42.0670 0x0180 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:03:42.0685 0x0180 HidIr - ok
12:03:42.0709 0x0180 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:03:42.0747 0x0180 hidserv - ok
12:03:42.0782 0x0180 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:03:42.0795 0x0180 HidUsb - ok
12:03:42.0821 0x0180 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:03:42.0859 0x0180 hkmsvc - ok
12:03:42.0874 0x0180 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:03:42.0909 0x0180 HomeGroupListener - ok
12:03:42.0931 0x0180 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:03:42.0950 0x0180 HomeGroupProvider - ok
12:03:42.0964 0x0180 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:03:42.0977 0x0180 HpSAMD - ok
12:03:43.0015 0x0180 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:03:43.0079 0x0180 HTTP - ok
12:03:43.0100 0x0180 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:03:43.0112 0x0180 hwpolicy - ok
12:03:43.0130 0x0180 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:03:43.0145 0x0180 i8042prt - ok
12:03:43.0166 0x0180 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:03:43.0190 0x0180 iaStorV - ok
12:03:43.0260 0x0180 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:03:43.0299 0x0180 idsvc - ok
12:03:43.0312 0x0180 IEEtwCollectorService - ok
12:03:43.0325 0x0180 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:03:43.0337 0x0180 iirsp - ok
12:03:43.0382 0x0180 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:03:43.0418 0x0180 IKEEXT - ok
12:03:43.0441 0x0180 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:03:43.0454 0x0180 intelide - ok
12:03:43.0472 0x0180 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
12:03:43.0485 0x0180 intelppm - ok
12:03:43.0496 0x0180 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:03:43.0545 0x0180 IPBusEnum - ok
12:03:43.0561 0x0180 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:03:43.0610 0x0180 IpFilterDriver - ok
12:03:43.0643 0x0180 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:03:43.0673 0x0180 iphlpsvc - ok
12:03:43.0689 0x0180 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:03:43.0722 0x0180 IPMIDRV - ok
12:03:43.0738 0x0180 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:03:43.0784 0x0180 IPNAT - ok
12:03:43.0812 0x0180 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:03:43.0837 0x0180 IRENUM - ok
12:03:43.0858 0x0180 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:03:43.0870 0x0180 isapnp - ok
12:03:43.0895 0x0180 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:03:43.0914 0x0180 iScsiPrt - ok
12:03:43.0936 0x0180 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:03:43.0949 0x0180 kbdclass - ok
12:03:43.0964 0x0180 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:03:43.0976 0x0180 kbdhid - ok
12:03:43.0984 0x0180 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:03:43.0996 0x0180 KeyIso - ok
12:03:44.0036 0x0180 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
12:03:44.0061 0x0180 kl1 - ok
12:03:44.0087 0x0180 [ D0C3AEF67932D2A80736FBCB956C017D, 166C2FD5F1B6FFE7A71CD821DFDD02B68D25CBF0D44BD6F2522C65CF1DEB363C ] klflt C:\Windows\system32\DRIVERS\klflt.sys
12:03:44.0103 0x0180 klflt - ok
12:03:44.0156 0x0180 [ 41DF293A7F0418F5DDED9F0297DC68F3, 25DE4BB7F2D915FCF576ABD46EEDC5574B694A2D1E5CB7AB565792C7BB57C76B ] KLIF C:\Windows\system32\DRIVERS\klif.sys
12:03:44.0186 0x0180 KLIF - ok
12:03:44.0198 0x0180 [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
12:03:44.0210 0x0180 KLIM6 - ok
12:03:44.0222 0x0180 [ 8DA5BC75C3E8A995335642F26CAEA54B, 3995AAB499A37077AA4FB372E75CD9259BA3EA7020B961CF482AC948D2D47AB4 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
12:03:44.0235 0x0180 klkbdflt - ok
12:03:44.0249 0x0180 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
12:03:44.0261 0x0180 klmouflt - ok
12:03:44.0269 0x0180 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
12:03:44.0281 0x0180 klpd - ok
12:03:44.0290 0x0180 [ 4828B3D2BC89B05E07101C6E60CE0A6A, C2D40EA03A526286AEDF27DE80CB0576EB59EB7581C9E9ECFCB867349593D7CE ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
12:03:44.0303 0x0180 kltdi - ok
12:03:44.0318 0x0180 [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps C:\Windows\system32\DRIVERS\kneps.sys
12:03:44.0334 0x0180 kneps - ok
12:03:44.0364 0x0180 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:03:44.0378 0x0180 KSecDD - ok
12:03:44.0406 0x0180 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:03:44.0422 0x0180 KSecPkg - ok
12:03:44.0429 0x0180 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:03:44.0464 0x0180 ksthunk - ok
12:03:44.0493 0x0180 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:03:44.0544 0x0180 KtmRm - ok
12:03:44.0568 0x0180 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:03:44.0625 0x0180 LanmanServer - ok
12:03:44.0642 0x0180 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:03:44.0690 0x0180 LanmanWorkstation - ok
12:03:44.0707 0x0180 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:03:44.0752 0x0180 lltdio - ok
12:03:44.0780 0x0180 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:03:44.0824 0x0180 lltdsvc - ok
12:03:44.0833 0x0180 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:03:44.0882 0x0180 lmhosts - ok
12:03:44.0909 0x0180 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:03:44.0923 0x0180 LSI_FC - ok
12:03:44.0935 0x0180 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:03:44.0949 0x0180 LSI_SAS - ok
12:03:44.0963 0x0180 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:03:44.0977 0x0180 LSI_SAS2 - ok
12:03:44.0990 0x0180 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:03:45.0005 0x0180 LSI_SCSI - ok
12:03:45.0020 0x0180 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:03:45.0071 0x0180 luafv - ok
12:03:45.0129 0x0180 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:03:45.0140 0x0180 MBAMProtector - ok
12:03:45.0246 0x0180 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
12:03:45.0307 0x0180 MBAMScheduler - ok
12:03:45.0362 0x0180 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
12:03:45.0398 0x0180 MBAMService - ok
12:03:45.0425 0x0180 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
12:03:45.0440 0x0180 MBAMSwissArmy - ok
12:03:45.0452 0x0180 [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:03:45.0464 0x0180 MBAMWebAccessControl - ok
12:03:45.0476 0x0180 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:03:45.0491 0x0180 Mcx2Svc - ok
12:03:45.0503 0x0180 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:03:45.0516 0x0180 megasas - ok
12:03:45.0539 0x0180 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:03:45.0558 0x0180 MegaSR - ok
12:03:45.0579 0x0180 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:03:45.0624 0x0180 MMCSS - ok
12:03:45.0638 0x0180 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:03:45.0683 0x0180 Modem - ok
12:03:45.0703 0x0180 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:03:45.0729 0x0180 monitor - ok
12:03:45.0756 0x0180 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:03:45.0768 0x0180 mouclass - ok
12:03:45.0788 0x0180 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:03:45.0801 0x0180 mouhid - ok
12:03:45.0815 0x0180 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:03:45.0829 0x0180 mountmgr - ok
12:03:45.0865 0x0180 [ D1CB0BC1CBA61639FE7162C5476A22C0, 80469683BD18CE0B6E9D9BD3613A63896F3D50A783EFDC15CEA28560C151C6B9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:03:45.0881 0x0180 MozillaMaintenance - ok
12:03:45.0893 0x0180 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:03:45.0908 0x0180 mpio - ok
12:03:45.0921 0x0180 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:03:45.0959 0x0180 mpsdrv - ok
12:03:45.0993 0x0180 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:03:46.0057 0x0180 MpsSvc - ok
12:03:46.0080 0x0180 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:03:46.0095 0x0180 MRxDAV - ok
12:03:46.0124 0x0180 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:03:46.0147 0x0180 mrxsmb - ok
12:03:46.0169 0x0180 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:03:46.0200 0x0180 mrxsmb10 - ok
12:03:46.0215 0x0180 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:03:46.0242 0x0180 mrxsmb20 - ok
12:03:46.0256 0x0180 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:03:46.0269 0x0180 msahci - ok
12:03:46.0287 0x0180 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:03:46.0302 0x0180 msdsm - ok
12:03:46.0319 0x0180 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:03:46.0336 0x0180 MSDTC - ok
12:03:46.0361 0x0180 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:03:46.0402 0x0180 Msfs - ok
12:03:46.0413 0x0180 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:03:46.0470 0x0180 mshidkmdf - ok
12:03:46.0479 0x0180 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:03:46.0491 0x0180 msisadrv - ok
12:03:46.0512 0x0180 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:03:46.0564 0x0180 MSiSCSI - ok
12:03:46.0569 0x0180 msiserver - ok
12:03:46.0583 0x0180 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:03:46.0618 0x0180 MSKSSRV - ok
12:03:46.0627 0x0180 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:03:46.0662 0x0180 MSPCLOCK - ok
12:03:46.0667 0x0180 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:03:46.0702 0x0180 MSPQM - ok
12:03:46.0727 0x0180 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:03:46.0748 0x0180 MsRPC - ok
12:03:46.0765 0x0180 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:03:46.0778 0x0180 mssmbios - ok
12:03:46.0782 0x0180 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:03:46.0823 0x0180 MSTEE - ok
12:03:46.0828 0x0180 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:03:46.0840 0x0180 MTConfig - ok
12:03:46.0860 0x0180 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:03:46.0873 0x0180 Mup - ok
12:03:46.0911 0x0180 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:03:46.0970 0x0180 napagent - ok
12:03:47.0006 0x0180 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:03:47.0047 0x0180 NativeWifiP - ok
12:03:47.0107 0x0180 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:03:47.0144 0x0180 NDIS - ok
12:03:47.0161 0x0180 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:03:47.0197 0x0180 NdisCap - ok
12:03:47.0216 0x0180 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:03:47.0252 0x0180 NdisTapi - ok
12:03:47.0271 0x0180 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:03:47.0316 0x0180 Ndisuio - ok
12:03:47.0331 0x0180 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:03:47.0383 0x0180 NdisWan - ok
12:03:47.0404 0x0180 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:03:47.0439 0x0180 NDProxy - ok
12:03:47.0453 0x0180 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:03:47.0503 0x0180 NetBIOS - ok
12:03:47.0526 0x0180 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:03:47.0581 0x0180 NetBT - ok
12:03:47.0605 0x0180 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:03:47.0618 0x0180 Netlogon - ok
12:03:47.0649 0x0180 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:03:47.0695 0x0180 Netman - ok
12:03:47.0719 0x0180 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:47.0738 0x0180 NetMsmqActivator - ok
12:03:47.0745 0x0180 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:47.0763 0x0180 NetPipeActivator - ok
12:03:47.0789 0x0180 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:03:47.0840 0x0180 netprofm - ok
12:03:47.0853 0x0180 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:47.0872 0x0180 NetTcpActivator - ok
12:03:47.0878 0x0180 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:47.0897 0x0180 NetTcpPortSharing - ok
12:03:47.0914 0x0180 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:03:47.0926 0x0180 nfrd960 - ok
12:03:47.0953 0x0180 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:03:47.0985 0x0180 NlaSvc - ok
12:03:48.0004 0x0180 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:03:48.0041 0x0180 Npfs - ok
12:03:48.0052 0x0180 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:03:48.0089 0x0180 nsi - ok
12:03:48.0097 0x0180 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:03:48.0134 0x0180 nsiproxy - ok
12:03:48.0201 0x0180 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:03:48.0259 0x0180 Ntfs - ok
12:03:48.0272 0x0180 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:03:48.0307 0x0180 Null - ok
12:03:48.0338 0x0180 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:03:48.0355 0x0180 nvraid - ok
12:03:48.0373 0x0180 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:03:48.0390 0x0180 nvstor - ok
12:03:48.0406 0x0180 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:03:48.0421 0x0180 nv_agp - ok
12:03:48.0433 0x0180 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:03:48.0456 0x0180 ohci1394 - ok
12:03:48.0504 0x0180 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:03:48.0534 0x0180 ose - ok
12:03:48.0559 0x0180 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:03:48.0586 0x0180 p2pimsvc - ok
12:03:48.0609 0x0180 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:03:48.0649 0x0180 p2psvc - ok
12:03:48.0664 0x0180 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:03:48.0695 0x0180 Parport - ok
12:03:48.0718 0x0180 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:03:48.0731 0x0180 partmgr - ok
12:03:48.0767 0x0180 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:03:48.0796 0x0180 PcaSvc - ok
12:03:48.0816 0x0180 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:03:48.0834 0x0180 pci - ok
12:03:48.0854 0x0180 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:03:48.0866 0x0180 pciide - ok
12:03:48.0880 0x0180 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:03:48.0897 0x0180 pcmcia - ok
12:03:48.0909 0x0180 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:03:48.0922 0x0180 pcw - ok
12:03:48.0950 0x0180 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:03:48.0986 0x0180 PEAUTH - ok
12:03:49.0047 0x0180 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:03:49.0077 0x0180 PerfHost - ok
12:03:49.0139 0x0180 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:03:49.0213 0x0180 pla - ok
12:03:49.0250 0x0180 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:03:49.0275 0x0180 PlugPlay - ok
12:03:49.0283 0x0180 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:03:49.0296 0x0180 PNRPAutoReg - ok
12:03:49.0318 0x0180 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:03:49.0338 0x0180 PNRPsvc - ok
12:03:49.0376 0x0180 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:03:49.0434 0x0180 PolicyAgent - ok
12:03:49.0457 0x0180 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:03:49.0497 0x0180 Power - ok
12:03:49.0520 0x0180 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:03:49.0556 0x0180 PptpMiniport - ok
12:03:49.0568 0x0180 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:03:49.0582 0x0180 Processor - ok
12:03:49.0615 0x0180 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:03:49.0648 0x0180 ProfSvc - ok
12:03:49.0671 0x0180 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:03:49.0684 0x0180 ProtectedStorage - ok
12:03:49.0704 0x0180 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:03:49.0741 0x0180 Psched - ok
12:03:49.0797 0x0180 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:03:49.0853 0x0180 ql2300 - ok
12:03:49.0867 0x0180 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:03:49.0881 0x0180 ql40xx - ok
12:03:49.0899 0x0180 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:03:49.0923 0x0180 QWAVE - ok
12:03:49.0934 0x0180 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:03:49.0951 0x0180 QWAVEdrv - ok
12:03:49.0965 0x0180 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:03:50.0005 0x0180 RasAcd - ok
12:03:50.0025 0x0180 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:03:50.0061 0x0180 RasAgileVpn - ok
12:03:50.0078 0x0180 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:03:50.0118 0x0180 RasAuto - ok
12:03:50.0136 0x0180 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:03:50.0173 0x0180 Rasl2tp - ok
12:03:50.0191 0x0180 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:03:50.0248 0x0180 RasMan - ok
12:03:50.0259 0x0180 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:03:50.0311 0x0180 RasPppoe - ok
12:03:50.0341 0x0180 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:03:50.0391 0x0180 RasSstp - ok
12:03:50.0407 0x0180 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:03:50.0449 0x0180 rdbss - ok
12:03:50.0459 0x0180 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:03:50.0474 0x0180 rdpbus - ok
12:03:50.0488 0x0180 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:03:50.0536 0x0180 RDPCDD - ok
12:03:50.0555 0x0180 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:03:50.0591 0x0180 RDPENCDD - ok
12:03:50.0602 0x0180 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:03:50.0648 0x0180 RDPREFMP - ok
12:03:50.0675 0x0180 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:03:50.0706 0x0180 RDPWD - ok
12:03:50.0724 0x0180 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:03:50.0741 0x0180 rdyboost - ok
12:03:50.0760 0x0180 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:03:50.0799 0x0180 RemoteAccess - ok
12:03:50.0814 0x0180 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:03:50.0866 0x0180 RemoteRegistry - ok
12:03:50.0891 0x0180 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:03:50.0930 0x0180 RpcEptMapper - ok
12:03:50.0948 0x0180 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:03:50.0974 0x0180 RpcLocator - ok
12:03:51.0000 0x0180 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:03:51.0048 0x0180 RpcSs - ok
12:03:51.0061 0x0180 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:03:51.0097 0x0180 rspndr - ok
12:03:51.0147 0x0180 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:03:51.0174 0x0180 RTL8167 - ok
12:03:51.0186 0x0180 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:03:51.0198 0x0180 SamSs - ok
12:03:51.0215 0x0180 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:03:51.0229 0x0180 sbp2port - ok
12:03:51.0249 0x0180 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:03:51.0290 0x0180 SCardSvr - ok
12:03:51.0306 0x0180 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:03:51.0348 0x0180 scfilter - ok
12:03:51.0397 0x0180 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:03:51.0476 0x0180 Schedule - ok
12:03:51.0496 0x0180 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:03:51.0532 0x0180 SCPolicySvc - ok
12:03:51.0548 0x0180 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:03:51.0575 0x0180 SDRSVC - ok
12:03:51.0585 0x0180 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:03:51.0621 0x0180 secdrv - ok
12:03:51.0633 0x0180 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:03:51.0668 0x0180 seclogon - ok
12:03:51.0682 0x0180 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:03:51.0740 0x0180 SENS - ok
12:03:51.0746 0x0180 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:03:51.0759 0x0180 SensrSvc - ok
12:03:51.0780 0x0180 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:03:51.0793 0x0180 Serenum - ok
12:03:51.0810 0x0180 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
12:03:51.0824 0x0180 Serial - ok
12:03:51.0839 0x0180 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:03:51.0864 0x0180 sermouse - ok
12:03:51.0891 0x0180 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:03:51.0930 0x0180 SessionEnv - ok
12:03:51.0939 0x0180 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:03:51.0973 0x0180 sffdisk - ok
12:03:51.0979 0x0180 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:03:51.0994 0x0180 sffp_mmc - ok
12:03:52.0013 0x0180 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:03:52.0027 0x0180 sffp_sd - ok
12:03:52.0039 0x0180 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:03:52.0068 0x0180 sfloppy - ok
12:03:52.0099 0x0180 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:03:52.0145 0x0180 SharedAccess - ok
12:03:52.0166 0x0180 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:03:52.0218 0x0180 ShellHWDetection - ok
12:03:52.0229 0x0180 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:03:52.0242 0x0180 SiSRaid2 - ok
12:03:52.0255 0x0180 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:03:52.0268 0x0180 SiSRaid4 - ok
12:03:52.0310 0x0180 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:03:52.0329 0x0180 SkypeUpdate - ok
12:03:52.0379 0x0180 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:03:52.0434 0x0180 Smb - ok
12:03:52.0476 0x0180 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:03:52.0528 0x0180 SNMPTRAP - ok
12:03:52.0554 0x0180 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:03:52.0572 0x0180 spldr - ok
12:03:52.0613 0x0180 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:03:52.0641 0x0180 Spooler - ok
12:03:52.0788 0x0180 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:03:52.0929 0x0180 sppsvc - ok
12:03:52.0956 0x0180 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:03:53.0007 0x0180 sppuinotify - ok
12:03:53.0063 0x0180 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:03:53.0089 0x0180 srv - ok
12:03:53.0110 0x0180 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:03:53.0151 0x0180 srv2 - ok
12:03:53.0173 0x0180 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:03:53.0189 0x0180 srvnet - ok
12:03:53.0203 0x0180 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:03:53.0251 0x0180 SSDPSRV - ok
12:03:53.0265 0x0180 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:03:53.0303 0x0180 SstpSvc - ok
12:03:53.0317 0x0180 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:03:53.0329 0x0180 stexstor - ok
12:03:53.0367 0x0180 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:03:53.0413 0x0180 stisvc - ok
12:03:53.0419 0x0180 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:03:53.0430 0x0180 swenum - ok
12:03:53.0463 0x0180 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:03:53.0514 0x0180 swprv - ok
12:03:53.0581 0x0180 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:03:53.0654 0x0180 SysMain - ok
12:03:53.0675 0x0180 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:03:53.0719 0x0180 TabletInputService - ok
12:03:53.0741 0x0180 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:03:53.0784 0x0180 TapiSrv - ok
12:03:53.0799 0x0180 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:03:53.0838 0x0180 TBS - ok
12:03:53.0942 0x0180 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:03:54.0010 0x0180 Tcpip - ok
12:03:54.0082 0x0180 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:03:54.0145 0x0180 TCPIP6 - ok
12:03:54.0176 0x0180 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:03:54.0188 0x0180 tcpipreg - ok
12:03:54.0204 0x0180 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:03:54.0226 0x0180 TDPIPE - ok
12:03:54.0245 0x0180 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:03:54.0256 0x0180 TDTCP - ok
12:03:54.0280 0x0180 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:03:54.0296 0x0180 tdx - ok
12:03:54.0312 0x0180 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:03:54.0325 0x0180 TermDD - ok
12:03:54.0360 0x0180 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:03:54.0391 0x0180 TermService - ok
12:03:54.0404 0x0180 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:03:54.0432 0x0180 Themes - ok
12:03:54.0454 0x0180 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:03:54.0491 0x0180 THREADORDER - ok
12:03:54.0505 0x0180 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:03:54.0561 0x0180 TrkWks - ok
12:03:54.0612 0x0180 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:03:54.0671 0x0180 TrustedInstaller - ok
12:03:54.0691 0x0180 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:03:54.0703 0x0180 tssecsrv - ok
12:03:54.0720 0x0180 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:03:54.0732 0x0180 TsUsbFlt - ok
12:03:54.0740 0x0180 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:03:54.0753 0x0180 TsUsbGD - ok
12:03:54.0772 0x0180 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:03:54.0809 0x0180 tunnel - ok
12:03:54.0825 0x0180 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:03:54.0838 0x0180 uagp35 - ok
12:03:54.0860 0x0180 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:03:54.0902 0x0180 udfs - ok
12:03:54.0919 0x0180 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:03:54.0935 0x0180 UI0Detect - ok
12:03:54.0951 0x0180 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:03:54.0964 0x0180 uliagpkx - ok
12:03:54.0978 0x0180 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:03:54.0990 0x0180 umbus - ok
12:03:54.0998 0x0180 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:03:55.0010 0x0180 UmPass - ok
12:03:55.0029 0x0180 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:03:55.0075 0x0180 upnphost - ok
12:03:55.0115 0x0180 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:03:55.0130 0x0180 usbaudio - ok
12:03:55.0159 0x0180 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:03:55.0173 0x0180 usbccgp - ok
12:03:55.0205 0x0180 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:03:55.0229 0x0180 usbcir - ok
12:03:55.0260 0x0180 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:03:55.0287 0x0180 usbehci - ok
12:03:55.0310 0x0180 [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
12:03:55.0321 0x0180 usbfilter - ok
12:03:55.0349 0x0180 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:03:55.0371 0x0180 usbhub - ok
12:03:55.0379 0x0180 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:03:55.0391 0x0180 usbohci - ok
12:03:55.0414 0x0180 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:03:55.0429 0x0180 usbprint - ok
12:03:55.0452 0x0180 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:03:55.0465 0x0180 usbscan - ok
12:03:55.0483 0x0180 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:03:55.0498 0x0180 USBSTOR - ok
12:03:55.0503 0x0180 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:03:55.0529 0x0180 usbuhci - ok
12:03:55.0558 0x0180 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:03:55.0614 0x0180 UxSms - ok
12:03:55.0631 0x0180 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:03:55.0644 0x0180 VaultSvc - ok
12:03:55.0653 0x0180 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:03:55.0666 0x0180 vdrvroot - ok
12:03:55.0694 0x0180 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:03:55.0747 0x0180 vds - ok
12:03:55.0763 0x0180 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:03:55.0779 0x0180 vga - ok
12:03:55.0788 0x0180 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:03:55.0829 0x0180 VgaSave - ok
12:03:55.0850 0x0180 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:03:55.0867 0x0180 vhdmp - ok
12:03:55.0872 0x0180 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:03:55.0884 0x0180 viaide - ok
12:03:55.0895 0x0180 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:03:55.0909 0x0180 volmgr - ok
12:03:55.0929 0x0180 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:03:55.0950 0x0180 volmgrx - ok
12:03:55.0970 0x0180 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:03:55.0989 0x0180 volsnap - ok
12:03:56.0006 0x0180 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:03:56.0022 0x0180 vsmraid - ok
12:03:56.0077 0x0180 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:03:56.0177 0x0180 VSS - ok
12:03:56.0197 0x0180 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:03:56.0226 0x0180 vwifibus - ok
12:03:56.0258 0x0180 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:03:56.0306 0x0180 W32Time - ok
12:03:56.0323 0x0180 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:03:56.0347 0x0180 WacomPen - ok
12:03:56.0367 0x0180 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:03:56.0418 0x0180 WANARP - ok
12:03:56.0423 0x0180 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:03:56.0459 0x0180 Wanarpv6 - ok
12:03:56.0522 0x0180 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:03:56.0600 0x0180 wbengine - ok
12:03:56.0619 0x0180 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:03:56.0650 0x0180 WbioSrvc - ok
12:03:56.0672 0x0180 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:03:56.0702 0x0180 wcncsvc - ok
12:03:56.0718 0x0180 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:03:56.0732 0x0180 WcsPlugInService - ok
12:03:56.0744 0x0180 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:03:56.0755 0x0180 Wd - ok
12:03:56.0803 0x0180 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:03:56.0842 0x0180 Wdf01000 - ok
12:03:56.0866 0x0180 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:03:56.0887 0x0180 WdiServiceHost - ok
12:03:56.0893 0x0180 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:03:56.0913 0x0180 WdiSystemHost - ok
12:03:56.0946 0x0180 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:03:56.0984 0x0180 WebClient - ok
12:03:57.0007 0x0180 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:03:57.0052 0x0180 Wecsvc - ok
12:03:57.0066 0x0180 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:03:57.0105 0x0180 wercplsupport - ok
12:03:57.0121 0x0180 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:03:57.0169 0x0180 WerSvc - ok
12:03:57.0191 0x0180 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:03:57.0226 0x0180 WfpLwf - ok
12:03:57.0240 0x0180 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:03:57.0253 0x0180 WIMMount - ok
12:03:57.0271 0x0180 WinDefend - ok
12:03:57.0286 0x0180 WinHttpAutoProxySvc - ok
12:03:57.0345 0x0180 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:03:57.0415 0x0180 Winmgmt - ok
12:03:57.0501 0x0180 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:03:57.0590 0x0180 WinRM - ok
12:03:57.0636 0x0180 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:03:57.0664 0x0180 WinUsb - ok
12:03:57.0701 0x0180 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:03:57.0744 0x0180 Wlansvc - ok
12:03:57.0754 0x0180 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:03:57.0766 0x0180 WmiAcpi - ok
12:03:57.0788 0x0180 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:03:57.0826 0x0180 wmiApSrv - ok
12:03:57.0846 0x0180 WMPNetworkSvc - ok
12:03:57.0855 0x0180 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:03:57.0874 0x0180 WPCSvc - ok
12:03:57.0890 0x0180 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:03:57.0907 0x0180 WPDBusEnum - ok
12:03:57.0920 0x0180 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:03:57.0955 0x0180 ws2ifsl - ok
12:03:57.0966 0x0180 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:03:58.0006 0x0180 wscsvc - ok
12:03:58.0010 0x0180 WSearch - ok
12:03:58.0141 0x0180 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:03:58.0223 0x0180 wuauserv - ok
12:03:58.0250 0x0180 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:03:58.0275 0x0180 WudfPf - ok
12:03:58.0304 0x0180 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:03:58.0320 0x0180 WUDFRd - ok
12:03:58.0338 0x0180 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:03:58.0358 0x0180 wudfsvc - ok
12:03:58.0389 0x0180 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:03:58.0416 0x0180 WwanSvc - ok
12:03:58.0446 0x0180 ================ Scan global ===============================
12:03:58.0470 0x0180 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:03:58.0492 0x0180 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:03:58.0507 0x0180 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:03:58.0524 0x0180 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:03:58.0548 0x0180 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:03:58.0557 0x0180 [ Global ] - ok
12:03:58.0557 0x0180 ================ Scan MBR ==================================
12:03:58.0570 0x0180 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:03:58.0869 0x0180 \Device\Harddisk0\DR0 - ok
12:03:58.0870 0x0180 ================ Scan VBR ==================================
12:03:58.0875 0x0180 [ 9FACF94373D4DDAC20A6933D63EC7D0B ] \Device\Harddisk0\DR0\Partition1
12:03:58.0916 0x0180 \Device\Harddisk0\DR0\Partition1 - ok
12:03:58.0923 0x0180 [ B3B02F5A50C5012E45FD8A4B9938D89D ] \Device\Harddisk0\DR0\Partition2
12:03:58.0956 0x0180 \Device\Harddisk0\DR0\Partition2 - ok
12:03:58.0962 0x0180 [ CD713671300A5D1D6FCF19064138045F ] \Device\Harddisk0\DR0\Partition3
12:03:58.0964 0x0180 \Device\Harddisk0\DR0\Partition3 - ok
12:03:58.0967 0x0180 ================ Scan generic autorun ======================
12:03:59.0018 0x0180 [ AE797B72D85E87D403FC11135507922C, F4FC1E5B9EA2DAB6CDF7FDEE279F7902D3A7832A8EE8CADEDE71E6A2F11FA938 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
12:03:59.0042 0x0180 NUSB3MON - ok
12:03:59.0132 0x0180 [ 00CF02DBC6E19D5536EBEF841995BEA9, 86B36C8811896BFB106C1128EF5E0330454F509DC200DAF8AC9111D4456B1FBD ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
12:03:59.0165 0x0180 StartCCC - ok
12:03:59.0220 0x0180 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:03:59.0259 0x0180 Adobe ARM - ok
12:03:59.0373 0x0180 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:03:59.0432 0x0180 Sidebar - ok
12:03:59.0454 0x0180 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:03:59.0489 0x0180 mctadmin - ok
12:03:59.0536 0x0180 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:03:59.0579 0x0180 Sidebar - ok
12:03:59.0587 0x0180 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:03:59.0606 0x0180 mctadmin - ok
12:04:00.0258 0x0180 [ 58920E6A409046BA06548D9D139CE0F0, 73FB33F5A76A3445C494482D520448EE02C0B1B7D3DD2E97BE3A9B15F89C5911 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
12:04:01.0056 0x0180 Skype - ok
12:04:01.0208 0x0180 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:04:01.0262 0x0180 Sidebar - ok
12:04:01.0293 0x0180 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
12:04:01.0322 0x0180 RESTART_STICKY_NOTES - ok
12:04:01.0324 0x0180 Waiting for KSN requests completion. In queue: 48
12:04:02.0324 0x0180 Waiting for KSN requests completion. In queue: 48
12:04:03.0324 0x0180 Waiting for KSN requests completion. In queue: 48
12:04:04.0564 0x0180 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
12:04:04.0575 0x0180 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
12:04:06.0949 0x0180 ============================================================
12:04:06.0949 0x0180 Scan finished
12:04:06.0949 0x0180 ============================================================
12:04:06.0973 0x0b44 Detected object count: 0
12:04:06.0973 0x0b44 Actual detected object count: 0
12:05:11.0755 0x0fb8 Deinitialize success
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
Database version: v2015.01.10.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Anja :: ANJA-PC [administrator]
10.01.2015 12:14:21
mbar-log-2015-01-10 (12-14-21).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 326735
Time elapsed: 11 minute(s), 1 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
10.01.2015, 13:28
| #6 |
| /// the machine /// TB-Ausbilder | Backdoor.Win32.Androm.fxul Sieht gut aus 
__________________ --> Backdoor.Win32.Androm.fxul |
|
10.01.2015, 13:35
| #7 |
| | Backdoor.Win32.Androm.fxul cool danke für deine hilfe |
|
10.01.2015, 14:33
| #8 |
| /// the machine /// TB-Ausbilder | Backdoor.Win32.Androm.fxul Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Backdoor.Win32.Androm.fxul |
| angeblich, angeklickt, anhang, beenden, datei, deutsch, direkt, email, freundin, gefundene, gen, hallo zusammen, kaspersky, kleines, konnte, malware, nicht mehr, rechnung, rechtsanwalt, sauber, system, untersuchung, überspringen, zusammen, zwischen |
Linear-Darstellung
