| |
| |||||||
Log-Analyse und Auswertung: Win 7 Resultate nach Rootscan Spybot, Microsoft safety scan, AVG Meldung Fund 1) MalSign.generic.712 Fund 2) MalSign.OpenCandy. 7AFWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
18.01.2015, 13:29
| #1 |
 |  Win 7 Resultate nach Rootscan Spybot, Microsoft safety scan, AVG Meldung Fund 1) MalSign.generic.712 Fund 2) MalSign.OpenCandy. 7AFFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-01-2015
Ran by (administrator) on WEB2-PC on 18-01-2015 11:11:34
Running from C:\Users\\Downloads
Loaded Profiles: & Administrator (Available profiles: WEB2 & & Administrator)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7Debug\mdm.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 2\creator-ws.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Printer Manager\SpoolerComp.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Piriform Ltd) D:\Programme\CCleaner\CCleaner.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcfgex.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2662424 2014-10-06] ()
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Command Processor: <======= ATTENTION
HKU\S-1-5-21-2674687411-896115206-3012793717-1001\...\Run: [] => [X]
HKU\S-1-5-21-2674687411-896115206-3012793717-1001\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
HKU\S-1-5-21-2674687411-896115206-3012793717-1003\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-2674687411-896115206-3012793717-1003\...\Run: [CCleaner Monitoring] => D:\Programme\CCleaner\CCleaner.exe [5489944 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2674687411-896115206-3012793717-1003\...\MountPoints2: {586c6e4b-c3db-11e3-ab46-0040053254e7} - H:\unlock.exe autoplay=true
HKU\S-1-5-21-2674687411-896115206-3012793717-500\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2295072 2007-12-05] (Hewlett-Packard Company)
HKU\S-1-5-21-2674687411-896115206-3012793717-500\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
HKU\S-1-5-21-2674687411-896115206-3012793717-500\...\Run: [PC Suite Tray] => "D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~1.DLL => C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~1.DLL File Not Found
IFEO\backitup.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\cdspeed.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\coverdes.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\drivespeed.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\infotool.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\lightscribecontrolpanel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\lslauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\nero.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\pdf architect 2.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\setupx.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\tomtomhome.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
IFEO\wdsmartware.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe (Samsung Electronics Co., Ltd.)
ShellIconOverlayIdentifiers: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => No File
BootExecute: autocheck autochk /r \??\L:autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-2674687411-896115206-3012793717-1001] => http=;ftp=;https=;
ProxyServer: [S-1-5-21-2674687411-896115206-3012793717-1003] => localhost:8080
HKU\S-1-5-21-2674687411-896115206-3012793717-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-2674687411-896115206-3012793717-1003\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-2674687411-896115206-3012793717-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-2674687411-896115206-3012793717-500 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-2674687411-896115206-3012793717-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2674687411-896115206-3012793717-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2674687411-896115206-3012793717-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks: - {56F9679E-7826-4C84-81F3-532071A8BCC5} - No File [ ]
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
FireFox:
========
FF ProfilePath: C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3319434&octid=EB_ORIGINAL_CTID&ISID=M69DB71F0-F5CD-461A-A83E-7A42A67B3172&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP4CC2324E-7C07-4AB4-85E7-6FF4018BF983
FF SelectedSearchEngine: Conduit Search
FF Homepage: https://www.google.de/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> L:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF user.js: detected! => C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\user.js
FF SearchPlugin: C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: HTTPS-Everywhere - C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\Extensions\https-everywhere@eff.org [2014-10-17]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}(2) [2014-04-14]
FF Extension: NoScript - C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-01-18]
FF Extension: Adblock Plus - C:\Users\Bade\AppData\Roaming\Mozilla\Firefox\Profiles\d93wb87z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-14]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Web TuneUp\FireFoxExt\3.2.0.18
FF Extension: AVG Web TuneUp - C:\ProgramData\AVG Web TuneUp\FireFoxExt\3.2.0.18 [2014-10-06]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Bade\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Bade\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-14]
CHR Extension: (Google Drive) - C:\Users\Bade\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bade\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Bade\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-14]
CHR Extension: (Win7 Scrollbars) - C:\Users\Bade\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifcnoebhbpdndjendfkpehpfbglgfkc [2014-04-14]
CHR Extension: (Google-Suche) - C:\Users\Bade\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-14]
CHR Extension: (Google Wallet) - C:\Users\Bade\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-14]
CHR Extension: (Google Mail) - C:\Users\Bade\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-14]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.0.5.292\avg.crx [Not Found]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 NBService; D:\Program Files\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)
S4 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files\PDF Architect 2\creator-ws.exe [738856 2014-06-26] (pdfforge GmbH)
S4 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [379952 2013-05-23] (Samsung Electronics Co., Ltd.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 TomTomHOMEService; D:\Programme\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-08-27] (TomTom)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1781048 2014-07-16] (TuneUp Software)
R2 vToolbarUpdater3.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-08-30] (AVG Secure Search)
S4 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [238592 2011-03-09] (WDC) [File not signed]
S4 WDFME; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1060864 2011-03-09] () [File not signed]
S4 WDSC; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [484352 2011-03-09] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [136488 2014-12-23] (SlySoft, Inc.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208152 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [154904 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-30] (AVG Technologies)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2014-04-18] (Phoenix Technologies) [File not signed]
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG)
S3 emAudio; C:\Windows\System32\drivers\emAudio.sys [25600 2010-05-07] (eMPIA Technology, Inc.)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-05-24] (Samsung Electronics) [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2014-06-23] (TuneUp Software)
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA.sys [583552 2014-04-15] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM.sys [840960 2014-04-15] (eMPIA Technology, Inc.)
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-18 11:11 - 2015-01-18 11:12 - 00020105 _____ () C:\Users\Bade\Downloads\FRST.txt
2015-01-18 11:09 - 2015-01-18 11:11 - 00000000 ____D () C:\FRST
2015-01-18 11:07 - 2015-01-18 11:07 - 01117696 _____ (Farbar) C:\Users\Bade\Downloads\FRST.exe
2015-01-18 11:04 - 2015-01-18 11:05 - 00000470 _____ () C:\Users\Bade\Downloads\defogger_disable.log
2015-01-18 11:04 - 2015-01-18 11:04 - 00000000 _____ () C:\Users\Bade\defogger_reenable
2015-01-18 11:02 - 2015-01-18 11:02 - 00050477 _____ () C:\Users\Bade\Downloads\Defogger.exe
2015-01-18 10:13 - 2015-01-18 10:13 - 00243728 _____ () C:\Users\Bade\Downloads\Firefox Setup Stub 35.0.exe
2015-01-14 11:44 - 2015-01-14 11:51 - 125285624 _____ (Microsoft Corporation) C:\Users\Bade\Downloads\msert ms safety scanner.exe
2015-01-14 11:36 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:36 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:36 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 11:36 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:36 - 2014-12-11 18:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:36 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-10 13:35 - 2015-01-10 13:35 - 00000000 ____D () C:\Users\Bade\Documents\ProcAlyzer Dumps
2015-01-10 11:28 - 2015-01-10 11:33 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-10 11:28 - 2015-01-10 11:28 - 00002137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-10 11:28 - 2015-01-10 11:28 - 00002125 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-10 11:28 - 2015-01-10 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-10 11:22 - 2015-01-10 11:25 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Bade\Downloads\spybot-2.4.exe
2014-12-24 09:28 - 2014-12-24 09:29 - 11604456 _____ () C:\Users\Bade\Downloads\SetupAnyDVD7550.exe
2014-12-23 16:41 - 2014-12-23 16:41 - 00136488 _____ (SlySoft, Inc.) C:\Windows\system32\Drivers\AnyDVD.sys
2014-12-22 08:03 - 2015-01-16 10:45 - 00041372 _____ () C:\Windows\PFRO.log
2014-12-21 09:39 - 2015-01-18 10:03 - 00001400 _____ () C:\Windows\setupact.log
2014-12-21 09:39 - 2014-12-21 09:39 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-20 23:31 - 2014-12-20 23:31 - 00030616 _____ (Elaborate Bytes AG) C:\Windows\system32\Drivers\ElbyCDIO.sys
2014-12-20 09:54 - 2014-12-20 09:54 - 05317104 _____ (Piriform Ltd) C:\Users\Bade\Downloads\ccsetup501.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-18 11:04 - 2014-04-14 14:20 - 00000000 ____D () C:\Users\Bade
2015-01-18 10:27 - 2014-10-01 11:12 - 00000000 ____D () C:\Users\Bade\AppData\Local\Adobe
2015-01-18 10:27 - 2014-04-18 08:01 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-18 10:27 - 2014-04-18 08:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-18 10:17 - 2014-12-12 18:00 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-18 10:17 - 2014-07-26 08:49 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-18 10:17 - 2014-07-26 08:49 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-18 10:17 - 2014-04-14 14:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-18 10:14 - 2014-05-11 09:26 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-18 10:10 - 2009-07-14 05:34 - 00026720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-18 10:10 - 2009-07-14 05:34 - 00026720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-18 10:09 - 2014-04-14 14:22 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-18 10:09 - 2014-04-14 13:05 - 01916013 _____ () C:\Windows\WindowsUpdate.log
2015-01-18 10:03 - 2014-05-11 09:26 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-18 10:03 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-17 08:42 - 2014-10-22 11:31 - 00000957 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-17 08:42 - 2014-04-15 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-15 17:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-15 13:58 - 2010-11-20 22:01 - 01593956 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-14 12:00 - 2014-04-14 14:22 - 00000000 ____D () C:\ProgramData\Samsung
2015-01-14 11:57 - 2014-04-14 17:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 11:37 - 2014-04-14 17:41 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-10 13:33 - 2014-04-14 19:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-05 10:54 - 2014-04-14 17:57 - 00000000 ____D () C:\Users\Bade\AppData\Local\Thunderbird
2014-12-24 09:31 - 2013-10-16 14:28 - 00000757 _____ () C:\Users\Public\Desktop\AnyDVD.lnk
2014-12-20 09:58 - 2010-11-09 09:17 - 00000671 _____ () C:\Users\Public\Desktop\CCleaner.lnk
==================== Files in the root of some directories =======
2013-10-16 14:27 - 2013-10-16 14:32 - 0000088 __SHC () C:\ProgramData\.zreglib
2014-04-14 17:51 - 2014-04-14 17:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-16 23:09 - 2014-04-16 23:09 - 0000048 _____ () C:\ProgramData\dummy.txt
2010-01-05 10:25 - 2010-01-05 10:25 - 0005048 ____C () C:\ProgramData\mtbjfghn.xbe
2010-01-24 11:39 - 2014-11-07 13:58 - 0000020 ____H () C:\ProgramData\PKP_DLec.DAT
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\NEventMessages.dll
C:\Users\Administrator\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\WEB2\AppData\Local\Temp\NOSEventMessages.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-14 23:00
==================== End Of Log ============================
Hallo everybody - habe nach verdächtigen Pop-ups beim Surfen erstmals nach Jahren einen Microsoft Safety Scan zusätzlich zu AVG & Spybot gefahren - dabei wurden 2 Vorkommnisse entdeckt und AVG meldete kurz darauf über den Resident Schutz die Infektionen laut Anlage . Da der Generic als Trojaner identifiziert wurde, habe ich für beide - wie empfohlen - die Sandbox aktiviert und im darauffolgenden Rundum Scan hat AVG alles clean gemeldet. Ein zweiter Tiefenroo0tscan von Spybot zeigte aber nach wie vor die gleichen Rootkitmeldungen an. Scheint also doch erweiterte cleaning Aktion neben sandboxing erforderlich zu sein. Deshalb benötige ich Hilfte. Ich habe bereits defogging und FRST laufen lassen. wenns klappt wie folgt Logfiles: |
|
18.01.2015, 14:18
| #2 |
| /// the machine /// TB-Ausbilder    | Win 7 Resultate nach Rootscan Spybot, Microsoft safety scan, AVG Meldung Fund 1) MalSign.generic.712 Fund 2) MalSign.OpenCandy. 7AF Hi,
__________________es fehlt noch die Addition.txt von FRST.
__________________ |
|
18.01.2015, 14:48
| #3 |
| | Win 7 Resultate nach Rootscan Spybot, Microsoft safety scan, AVG Meldung Fund 1) MalSign.generic.712 Fund 2) MalSign.OpenCandy. 7AF Hi nochmal Schrauber -
__________________Sry, dieses ist mein erster blog - habe noch einige Kinken in der Prozedur. Versuche die addition einzufügten: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-01-2015
Ran by Bade at 2015-01-18 11:13:30
Running from C:\Users\Bade\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 13 ActiveX (HKLM\...\{8F9B1C8E-F50E-4139-8701-45016021E102}) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Cloud Player (HKU\S-1-5-21-2674687411-896115206-3012793717-1001\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-2674687411-896115206-3012793717-1003\...\Amazon Amazon Music) (Version: 3.4.0.628 - Amazon Services LLC)
Any Video Converter 5.5.8 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.5.5.0 - SlySoft)
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 3 (HKLM\...\{A5F68DC8-0278-4AD8-B413-861509B5F25B}) (Version: - ArcSoft)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4260 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 3.2.0.18 - AVG Technologies)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite (HKLM\...\{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}) (Version: 1.00.000 - )
BUFFALO eco Manager for HD (HKLM\...\UN080616) (Version: - )
BUFFALO TurboUSB for FLASH/HDD (HKLM\...\UN070618) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CloneDVDmobile (HKLM\...\CloneDVDmobile) (Version: 1.9.0.1 - SlySoft)
C-Media 3D Audio (HKLM\...\C-Media Audio) (Version: - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corp.)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
EZ Tape Converter 2.0.0 by MixMeister (HKLM\...\EZ Tape Converter by MixMeister_is1) (Version: - MixMeister Technology LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Laplink PCmover Upgrade Assistant (HKLM\...\{F65BA800-3F9A-4265-A1C9-C631F269C583}) (Version: 8.20.635 - Laplink Software, Inc.)
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 6.01.0723.01 - )
LightScribe System Software 1.10.27.1 (HKLM\...\{CBCF859F-04BE-4A07-B6FA-F4FAD69EF1ED}) (Version: 1.10.27.1 - hxxp://www.lightscribe.com)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Bootvis (HKLM\...\{0F9196C6-58B4-445B-B56E-B1200FECC151}) (Version: 1.3.37 - Microsoft)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works 7.0 (HKLM\...\{EDDDC607-91D9-4758-9F57-265FDCD8A772}) (Version: 07.02.0702 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 35.0 (x86 de) (HKLM\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKU\S-1-5-21-2674687411-896115206-3012793717-1003\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MPC-HC 1.7.3 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team)
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{1596098A-FCEC-48F0-B7C7-08A31B771031}) (Version: 7.03.0918 - Nero AG)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-2674687411-896115206-3012793717-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-2674687411-896115206-3012793717-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF Architect 2 (HKLM\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 Create Module (HKLM\...\{03EC56DE-6424-43D7-A020-1EEE3E8159DE}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM\...\{C960FF38-431D-429D-AD1F-FBD12A45B7C5}) (Version: 2.0.17.17583 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Personal Backup 5.6 (HKLM\...\Personal Backup 5_is1) (Version: 5.6 - Dr. J. Rathlev)
PHOTOfunSTUDIO 6.1 HD Lite Edition (HKLM\...\{7E653036-DE31-4BFD-96BB-421CC72E06FC}) (Version: 6.01.015 - Panasonic Corporation)
PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - )
Platform (Version: 1.1 - VIA Technologies, Inc.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - PowerDVDCorp.)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 063604(3.7)_Vista_LG - CyberLink Corp.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Router monopuerto (HKLM\...\KitAim20CT5071RoHS) (Version: - )
Samsung Easy Document Creator (HKLM\...\Samsung Easy Document Creator) (Version: 1.05.62 (30.04.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.03.30.00(24.05.2013) - Samsung Electronics Co., Ltd.)
Samsung M267x 287x Series (HKLM\...\Samsung M267x 287x Series) (Version: 1.20 (10.07.2013) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM\...\Samsung Network PC Fax) (Version: 1.10.05 (23.05.2013) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (Version: 1.00.56.01 - Samsung Electronics Co., Ltd.) Hidden
Sicherheitsupdate für Windows XP (KB923789) (HKLM\...\KB923789) (Version: - Microsoft Corporation)
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.179 - TuneUp Software) Hidden
VIA Plattform-Geräte-Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.1 - VIA Technologies, Inc.)
Video Grabber Driver Setup (HKLM\...\{3FF76A1B-13C9-4336-BBCF-B007A745B065}) (Version: 1.00.0000 - Medion)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD SmartWare (HKLM\...\{BC3804E5-77CC-47A0-8BD5-797355A26BA3}) (Version: 1.4.5.5 - Western Digital)
WEB.DE Toolbar für Internet Explorer 8 (HKLM\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 1.2.21.0 - 1&1 Mail & Media GmbH)
WEB.DE Toolbar MSVC90 CRT (Version: 1.0.0 - 1&1 Mail & Media GmbH) Hidden
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2674687411-896115206-3012793717-1003_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0943BD77-76F8-4358-88FD-12CBCC63F446} - System32\Tasks\CCleanerSkipUAC => D:\Programme\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {184868E7-506E-4746-987F-40EAFAC75620} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {19F8714C-54F7-4E2D-8BF7-3450E94DCB79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {1F5ADAD6-D69E-40E8-B31D-83E316D2385B} - System32\Tasks\{58A24736-AE0E-4F18-BF55-8F348F0CE28E} => D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
Task: {4780C82B-21B0-4B2F-B869-003D4F4DBDB8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4C4592AC-2201-43A9-AC1A-75DA14622902} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {77848069-0D3C-4325-845D-1C5B31F5BDD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {993D4AD5-1DC9-472B-94B5-7DD09F485B08} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {9BD46E28-7E90-4529-B428-D265192379B8} - System32\Tasks\{B341E2F0-98A2-40D6-BAA0-307F12DC45CE} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{9810C3D4-4799-42AB-BCF8-48D93A6C5E15}\setup.exe" -c UNINSTALL /l0x0007
Task: {B506E1AC-F35D-4F4F-8B22-136A755906BB} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B53F9AB7-EAF9-4476-989C-5F89F99915E8} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {CBF265F5-A38F-4532-A47E-CD33F4F9BF60} - System32\Tasks\{BE268E2C-1445-493E-9347-D3F8EC017DF4} => pcalua.exe -a "C:\Users\Bade\Downloads\32bit_Win7_Win8_Win81_R273 realtek.exe" -d C:\Users\Bade\Downloads
Task: {CE1D5BA8-2915-4E97-8317-EC3600C55C90} - System32\Tasks\{D9BFB92B-1850-4BFA-9E79-84CDC86FC99B} => D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
Task: {DE3D2FB5-01F8-483A-9E78-6F1DF5D02901} - System32\Tasks\{22032200-9FD4-4B87-9EB9-CB2BA195775B} => G:\Programme\iTunes\2\iTunes.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-12-03 10:44 - 2014-12-03 10:44 - 00025600 _____ () C:\Windows\System32\ssa6mlm.dll
2014-04-16 22:52 - 2007-05-14 03:54 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2015-01-10 11:28 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-10 11:28 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-10 11:28 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-10 11:28 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-10 11:28 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 00350072 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-08-30 08:17 - 2014-10-06 13:26 - 00577560 _____ () C:\Program Files\AVG Web TuneUp\TBAPI.dll
2014-08-30 08:17 - 2014-10-06 13:26 - 02662424 _____ () C:\Program Files\AVG Web TuneUp\vprot.exe
2014-08-30 08:17 - 2014-08-30 08:16 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\log4cplusU.dll
2013-05-24 10:29 - 2013-05-24 10:29 - 02560512 _____ () C:\Program Files\Samsung\Easy Printer Manager\sf.dll
2013-05-24 10:49 - 2013-05-24 10:49 - 00310272 _____ () C:\Program Files\Samsung\Easy Printer Manager\sslog.dll
2014-07-16 09:24 - 2014-07-16 09:24 - 00585528 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2014-08-30 08:17 - 2014-08-30 08:16 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () D:\Programme\CCleaner\lang\lang-1031.dll
2015-01-18 10:17 - 2015-01-09 10:05 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^NkbMonitor.exe.lnk => C:\WINDOWS\pss\NkbMonitor.exe.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk => C:\WINDOWS\pss\PHOTOfunSTUDIO 6.1 HD Lite Edition.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Pinnacle Scheduler.lnk => C:\WINDOWS\pss\Pinnacle Scheduler.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WDDMStatus.lnk => C:\WINDOWS\pss\WDDMStatus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Windows Search.lnk => C:\WINDOWS\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk => C:\Windows\pss\PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk.CommonStartup
MSCONFIG\startupreg: Alcmtr => ALCMTR.EXE
MSCONFIG\startupreg: AlcWzrd => ALCWZRD.EXE
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Bade\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Bade\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: AnyDVD => "D:\Programme\SlySoft\AnyDVD\AnyDVD.exe"
MSCONFIG\startupreg: CLMLServer => "D:\Programme\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Cmaudio => RunDll32 cmicnfg.cpl,CMICtrlWnd
MSCONFIG\startupreg: ControlCenter2.0 => C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
MSCONFIG\startupreg: InCD => C:\Program Files\Nero\Nero 7\InCD\InCD.exe
MSCONFIG\startupreg: InstallShieldSetup => C:\PROGRA~2\INSTAL~1\{80F24F31-F641-4349-83F3-59E335976D16}\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{80F24F31-F641-4349-83F3-59E335976D16}\reboot.ini -l0x7
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: LanguageShortcut => "D:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: LGODDFU => "D:\Program Files\lg_fwupdate\fwupdate.exe" blrun
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: NokiaMServer => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: PC Suite Tray => "D:\Programme\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PCTVUSB2Remote => D:\Programme\Pinnacle\PCTV USB2\Remote\Remoterm.exe
MSCONFIG\startupreg: Power2GoExpress => "C:\Program Files\HomeCinema\Power2Go\Power2GoExpress.exe" /Startup
MSCONFIG\startupreg: QuickTime Task => "D:\Programme\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SearchSettings => C:\Program Files\pdfforge Toolbar\SearchSettings.exe
MSCONFIG\startupreg: SecurDisc => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
MSCONFIG\startupreg: SetDefPrt => D:\Programme\Brother\Brmfl04g\BrStDvPt.exe
MSCONFIG\startupreg: SkyTel => SkyTel.EXE
MSCONFIG\startupreg: SoundMan => SOUNDMAN.EXE
MSCONFIG\startupreg: SpybotSD TeaTimer => D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: StartCCC => "D:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Telefonica => "C:\Program Files\Telefonica\bin\sprtcmd.exe" /P Telefonica
MSCONFIG\startupreg: TomTomHOME.exe => "D:\Programme\TomTom HOME 2\TomTomHOMERunner.exe" -s
MSCONFIG\startupreg: UpdateP2GoShortCut => "D:\Programme\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "D:\Programme\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files\HomeCinema\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\8.0"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\HomeCinema\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: UserFaultCheck => %systemroot%\system32\dumprep 0 -u
MSCONFIG\startupreg: Windows Defender => "C:\Program Files\Windows Defender\MSASCui.exe" -hide
========================= Accounts: ==========================
Administrator (S-1-5-21-2674687411-896115206-3012793717-500 - Administrator - Enabled) => C:\Users\Administrator
Bade (S-1-5-21-2674687411-896115206-3012793717-1003 - Administrator - Enabled) => C:\Users\Bade
Gast (S-1-5-21-2674687411-896115206-3012793717-501 - Limited - Enabled)
WEB2 (S-1-5-21-2674687411-896115206-3012793717-1001 - Limited - Enabled) => C:\Users\WEB2
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/18/2015 11:13:32 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (01/18/2015 11:13:32 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (01/18/2015 10:03:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/17/2015 11:20:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/17/2015 09:19:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/17/2015 09:18:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/17/2015 09:18:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/17/2015 09:18:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/17/2015 07:42:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/16/2015 10:45:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/18/2015 10:04:08 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/18/2015 10:04:02 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/18/2015 10:03:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (01/18/2015 10:03:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (01/18/2015 10:03:04 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (01/18/2015 10:03:04 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (01/17/2015 11:21:05 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/17/2015 11:21:00 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (01/17/2015 11:20:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (01/17/2015 11:19:58 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Microsoft Office Sessions:
=========================
Error: (01/18/2015 11:13:32 AM) (Source: VSS) (EventID: 12292) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (01/18/2015 11:13:32 AM) (Source: VSS) (EventID: 13) (User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Vorgang:
Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
Schattenkopien abfragen
Kontext:
Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Snapshotkontext: 13
Snapshotkontext: 13
Ausführungskontext: Coordinator
Error: (01/18/2015 10:03:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/17/2015 11:20:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/17/2015 09:19:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"e:\program files\panasonic\photofunstudio 6.1 hd lite\HDWTools\RegTool.exe
Error: (01/17/2015 09:18:33 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\network pc fax\drv\NetFaxTray64.exe
Error: (01/17/2015 09:18:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\network pc fax\drv\NetFaxMon64.exe
Error: (01/17/2015 09:18:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung m267x 287x series\Setup\Setup\bin\wiainst64.exe
Error: (01/17/2015 07:42:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/16/2015 10:45:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 59%
Total physical RAM: 1533.8 MB
Available physical RAM: 627.9 MB
Total Pagefile: 3067.6 MB
Available Pagefile: 1687.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.06 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:101.51 GB) (Free:35.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Programme) (Fixed) (Total:55.51 GB) (Free:43.1 GB) NTFS
Drive e: (Daten) (Fixed) (Total:29.29 GB) (Free:27.23 GB) NTFS
Drive l: (HD-CEU2) (Fixed) (Total:465.65 GB) (Free:404.16 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 186.3 GB) (Disk ID: A3FAA3FA)
Partition 1: (Active) - (Size=101.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=55.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: F5B83B08)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)
==================== End Of Log ============================
|
|
18.01.2015, 16:41
| #4 |
| /// the machine /// TB-Ausbilder | Win 7 Resultate nach Rootscan Spybot, Microsoft safety scan, AVG Meldung Fund 1) MalSign.generic.712 Fund 2) MalSign.OpenCandy. 7AF hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.01.2015, 17:41
| #5 |
| | Win 7 Resultate nach Rootscan Spybot, Microsoft safety scan, AVG Meldung Fund 1) MalSign.generic.712 Fund 2) MalSign.OpenCandy. 7AF Hi, Schrauber - habe beide tools durchlaufenlassen mit -0 - Befund. hier noch mal die logs zur Sicherheit: Code:
ATTFilter 17:28:56.0457 0x0d54 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
17:29:09.0988 0x0d54 ============================================================
17:29:09.0988 0x0d54 Current date / time: 2015/01/18 17:29:09.0988
17:29:09.0988 0x0d54 SystemInfo:
17:29:09.0988 0x0d54
17:29:09.0988 0x0d54 OS Version: 6.1.7601 ServicePack: 1.0
17:29:09.0988 0x0d54 Product type: Workstation
17:29:09.0988 0x0d54 ComputerName: WEB2-PC
17:29:09.0988 0x0d54 UserName: Bade
17:29:09.0988 0x0d54 Windows directory: C:\Windows
17:29:09.0988 0x0d54 System windows directory: C:\Windows
17:29:09.0988 0x0d54 Processor architecture: Intel x86
17:29:09.0988 0x0d54 Number of processors: 1
17:29:09.0988 0x0d54 Page size: 0x1000
17:29:09.0988 0x0d54 Boot type: Normal boot
17:29:09.0988 0x0d54 ============================================================
17:29:12.0097 0x0d54 KLMD registered as C:\Windows\system32\drivers\21825109.sys
17:29:12.0863 0x0d54 System UUID: {6095B240-D20A-F2BF-55AA-FE99E3E2DE2A}
17:29:14.0613 0x0d54 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 ( 186.31 Gb ), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:29:14.0613 0x0d54 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:29:14.0613 0x0d54 ============================================================
17:29:14.0613 0x0d54 \Device\Harddisk0\DR0:
17:29:14.0613 0x0d54 MBR partitions:
17:29:14.0613 0x0d54 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xCB03FC4
17:29:14.0613 0x0d54 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCB04003, BlocksNum 0x6F0798F
17:29:14.0613 0x0d54 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13A0B992, BlocksNum 0x3A9381E
17:29:14.0613 0x0d54 \Device\Harddisk1\DR1:
17:29:14.0613 0x0d54 MBR partitions:
17:29:14.0613 0x0d54 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02
17:29:14.0613 0x0d54 ============================================================
17:29:14.0644 0x0d54 C: <-> \Device\Harddisk0\DR0\Partition1
17:29:14.0676 0x0d54 D: <-> \Device\Harddisk0\DR0\Partition2
17:29:14.0691 0x0d54 E: <-> \Device\Harddisk0\DR0\Partition3
17:29:14.0738 0x0d54 L: <-> \Device\Harddisk1\DR1\Partition1
17:29:14.0769 0x0d54 ============================================================
17:29:14.0769 0x0d54 Initialize success
17:29:14.0769 0x0d54 ============================================================
17:30:04.0035 0x15f8 ============================================================
17:30:04.0035 0x15f8 Scan started
17:30:04.0035 0x15f8 Mode: Manual;
17:30:04.0035 0x15f8 ============================================================
17:30:04.0035 0x15f8 KSN ping started
17:30:06.0644 0x15f8 KSN ping finished: true
17:30:07.0816 0x15f8 ================ Scan system memory ========================
17:30:07.0816 0x15f8 System memory - ok
17:30:07.0832 0x15f8 ================ Scan services =============================
17:30:08.0035 0x15f8 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:30:08.0051 0x15f8 1394ohci - ok
17:30:08.0113 0x15f8 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:30:08.0129 0x15f8 ACPI - ok
17:30:08.0160 0x15f8 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:30:08.0160 0x15f8 AcpiPmi - ok
17:30:08.0332 0x15f8 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:30:08.0332 0x15f8 AdobeARMservice - ok
17:30:08.0410 0x15f8 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:30:08.0426 0x15f8 adp94xx - ok
17:30:08.0472 0x15f8 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:30:08.0488 0x15f8 adpahci - ok
17:30:08.0535 0x15f8 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:30:08.0551 0x15f8 adpu320 - ok
17:30:08.0597 0x15f8 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:30:08.0597 0x15f8 AeLookupSvc - ok
17:30:08.0676 0x15f8 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
17:30:08.0676 0x15f8 AFD - ok
17:30:08.0722 0x15f8 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
17:30:08.0722 0x15f8 agp440 - ok
17:30:08.0785 0x15f8 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:30:08.0785 0x15f8 aic78xx - ok
17:30:08.0847 0x15f8 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
17:30:08.0847 0x15f8 ALG - ok
17:30:08.0894 0x15f8 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
17:30:08.0894 0x15f8 aliide - ok
17:30:08.0957 0x15f8 [ B19505648F033393E907E2E419FDE8B3, BEF76AAD61FE0CA1F2B91C491FD94DE1BE67E776BBB7972D57ADFBE0333E9615 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:30:08.0957 0x15f8 AMD External Events Utility - ok
17:30:09.0004 0x15f8 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:30:09.0004 0x15f8 amdagp - ok
17:30:09.0019 0x15f8 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
17:30:09.0019 0x15f8 amdide - ok
17:30:09.0066 0x15f8 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:30:09.0066 0x15f8 AmdK8 - ok
17:30:09.0097 0x15f8 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:30:09.0097 0x15f8 AmdPPM - ok
17:30:09.0160 0x15f8 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:30:09.0160 0x15f8 amdsata - ok
17:30:09.0222 0x15f8 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:30:09.0238 0x15f8 amdsbs - ok
17:30:09.0269 0x15f8 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:30:09.0269 0x15f8 amdxata - ok
17:30:09.0316 0x15f8 [ E07473ED4962D3560870B4A98F4EB478, 7CF161395C60C641F5F7EB76546E362488C1A567DA5D6415D360ADDE20B54C82 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
17:30:09.0316 0x15f8 AnyDVD - ok
17:30:09.0379 0x15f8 [ E499E422412EF37576092A52648DB2B4, 95E9C11258CAF37060242BA4E1170CEDECF3376CF0A9A1E61D46706D7C7F36F8 ] AppID C:\Windows\system32\drivers\appid.sys
17:30:09.0379 0x15f8 AppID - ok
17:30:09.0410 0x15f8 [ 89B6FA43B68A373B304DFB8F6776B255, 36ABD9AB89CBC7991DE9B04051B26014982953697862BC46EF8AE4ACC2404128 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:30:09.0410 0x15f8 AppIDSvc - ok
17:30:09.0457 0x15f8 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
17:30:09.0457 0x15f8 Appinfo - ok
17:30:09.0566 0x15f8 [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:30:09.0566 0x15f8 Apple Mobile Device - ok
17:30:09.0613 0x15f8 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\drivers\arc.sys
17:30:09.0613 0x15f8 arc - ok
17:30:09.0644 0x15f8 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:30:09.0644 0x15f8 arcsas - ok
17:30:09.0769 0x15f8 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
17:30:09.0769 0x15f8 aspnet_state - ok
17:30:09.0832 0x15f8 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:30:09.0832 0x15f8 AsyncMac - ok
17:30:09.0863 0x15f8 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
17:30:09.0863 0x15f8 atapi - ok
17:30:10.0160 0x15f8 [ 04F09923A393E4E0E8453A8F78361E73, B5C0B9D1195B87AF823887AD9355CD2B4C4F4DDF34103891EE48EA86F0F544E7 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:30:10.0379 0x15f8 atikmdag - ok
17:30:10.0472 0x15f8 [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:30:10.0488 0x15f8 AudioEndpointBuilder - ok
17:30:10.0535 0x15f8 [ F4157B3CECF19B1C266C83AFF051C97A, 26728B59B6003EB36BC322D189254574E94790CE23637228A669FAD6ED76ECE3 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:30:10.0551 0x15f8 Audiosrv - ok
17:30:10.0613 0x15f8 [ CB2C2B24BD7E64CFB2B24D401FF5BBC0, F48ABD9F5BF91BF5F25E6D5EE02647F7DD8E1C1A11FEEE2C1C1B3BD34E3D0F85 ] Avgdiskx C:\Windows\system32\DRIVERS\avgdiskx.sys
17:30:10.0629 0x15f8 Avgdiskx - ok
17:30:10.0863 0x15f8 [ 225B28E9303D375314C744AE181DF95F, 6BC8F19F6B4D901661022CD8F4EA90A8F1895B6B3BD1225B3708E2CBDCAB8D50 ] AVGIDSAgent C:\Program Files\AVG\AVG2015\avgidsagent.exe
17:30:10.0941 0x15f8 AVGIDSAgent - ok
17:30:11.0019 0x15f8 [ EB1AA821F99D5D2DA05511AE8D4704C4, 68AE41B7DA35200B24E27733DC05D9DA1F2D4C98524531AB8F1BD2AB4AFC831C ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys
17:30:11.0035 0x15f8 AVGIDSDriver - ok
17:30:11.0066 0x15f8 [ D1663A0114691080C624D857A8343D5B, 8E7029A8FE7A62F4BED7687C54699D0709876D05D93CAA499B4BC69BF8C59091 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys
17:30:11.0066 0x15f8 AVGIDSHX - ok
17:30:11.0113 0x15f8 [ 2429F7F025F63532B6B264D97E4ECA49, EDE2C88B3B4B2A3AC59A3AB0B2FEC1D2CC75AA8AFFF0F5011D07AB4F053390D9 ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys
17:30:11.0113 0x15f8 AVGIDSShim - ok
17:30:11.0160 0x15f8 [ 9AFD535116E986D49877B811F3665E8E, 6843415ED638BB26A17BE9AB7A49D36070A588088256D4D0D1B4789FBDA6730B ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
17:30:11.0176 0x15f8 Avgldx86 - ok
17:30:11.0207 0x15f8 [ D94378757947E02AE9BC484DF196A44D, 91B711C07320EFFDB780356EF84D39A06673198C4E0B45EE1D1412B996CB9227 ] Avglogx C:\Windows\system32\DRIVERS\avglogx.sys
17:30:11.0222 0x15f8 Avglogx - ok
17:30:11.0269 0x15f8 [ 35DD83C14AA01F4817BA46A4D6B6A520, 563619CDFC2ACC061C2421091E3527CA3C6C5F595008C5E9E45CFBE954D45841 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
17:30:11.0285 0x15f8 Avgmfx86 - ok
17:30:11.0316 0x15f8 [ F016B95273E0B1961F204F7FD2FFD811, 9F89323177B68DEDE6B1F09790E6A978376B4FCBDC029283B297A3C4D9B242FF ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
17:30:11.0316 0x15f8 Avgrkx86 - ok
17:30:11.0363 0x15f8 [ 5A22A7A67BFB67D3223B7A339FC97780, 1DADB75B30665866FC93DADDC1EC9F612CD8CE5EC8582BCAF2A527FFDAFF8DBE ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
17:30:11.0363 0x15f8 Avgtdix - ok
17:30:11.0426 0x15f8 [ D15D2E9F5567075740B88F16F01810D6, 09086182352B0901D886B1F588F141DFC1E68CF0CA62BA399F841E1C96DFDFEF ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
17:30:11.0426 0x15f8 avgtp - ok
17:30:11.0472 0x15f8 [ 2B38C7E964FA19A298D04CA177FF8B6F, B233B6AD03217AD72A8F4253FDCF182E6007B5D28178F38BDCACBC16BD69D0CB ] avgwd C:\Program Files\AVG\AVG2015\avgwdsvc.exe
17:30:11.0488 0x15f8 avgwd - ok
17:30:11.0551 0x15f8 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:30:11.0551 0x15f8 AxInstSV - ok
17:30:11.0629 0x15f8 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
17:30:11.0644 0x15f8 b06bdrv - ok
17:30:11.0691 0x15f8 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
17:30:11.0707 0x15f8 b57nd60x - ok
17:30:11.0769 0x15f8 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
17:30:11.0769 0x15f8 BDESVC - ok
17:30:11.0801 0x15f8 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
17:30:11.0801 0x15f8 Beep - ok
17:30:11.0863 0x15f8 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
17:30:11.0879 0x15f8 BFE - ok
17:30:11.0957 0x15f8 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
17:30:11.0988 0x15f8 BITS - ok
17:30:12.0035 0x15f8 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:30:12.0035 0x15f8 blbdrive - ok
17:30:12.0129 0x15f8 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:30:12.0144 0x15f8 Bonjour Service - ok
17:30:12.0191 0x15f8 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:30:12.0191 0x15f8 bowser - ok
17:30:12.0222 0x15f8 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:30:12.0222 0x15f8 BrFiltLo - ok
17:30:12.0269 0x15f8 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:30:12.0269 0x15f8 BrFiltUp - ok
17:30:12.0316 0x15f8 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
17:30:12.0316 0x15f8 Browser - ok
17:30:12.0347 0x15f8 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:30:12.0363 0x15f8 Brserid - ok
17:30:12.0394 0x15f8 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:30:12.0394 0x15f8 BrSerWdm - ok
17:30:12.0426 0x15f8 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:30:12.0426 0x15f8 BrUsbMdm - ok
17:30:12.0457 0x15f8 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:30:12.0457 0x15f8 BrUsbSer - ok
17:30:12.0488 0x15f8 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:30:12.0488 0x15f8 BTHMODEM - ok
17:30:12.0566 0x15f8 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
17:30:12.0566 0x15f8 bthserv - ok
17:30:12.0613 0x15f8 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:30:12.0613 0x15f8 cdfs - ok
17:30:12.0660 0x15f8 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:30:12.0676 0x15f8 cdrom - ok
17:30:12.0738 0x15f8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
17:30:12.0738 0x15f8 CertPropSvc - ok
17:30:12.0785 0x15f8 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\drivers\circlass.sys
17:30:12.0785 0x15f8 circlass - ok
17:30:12.0816 0x15f8 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
17:30:12.0832 0x15f8 CLFS - ok
17:30:12.0926 0x15f8 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:30:12.0941 0x15f8 clr_optimization_v2.0.50727_32 - ok
17:30:12.0988 0x15f8 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:30:12.0988 0x15f8 clr_optimization_v4.0.30319_32 - ok
17:30:13.0035 0x15f8 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:30:13.0035 0x15f8 CmBatt - ok
17:30:13.0082 0x15f8 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:30:13.0082 0x15f8 cmdide - ok
17:30:13.0160 0x15f8 [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\Windows\system32\Drivers\cng.sys
17:30:13.0176 0x15f8 CNG - ok
17:30:13.0222 0x15f8 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:30:13.0222 0x15f8 Compbatt - ok
17:30:13.0269 0x15f8 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:30:13.0269 0x15f8 CompositeBus - ok
17:30:13.0285 0x15f8 COMSysApp - ok
17:30:13.0316 0x15f8 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:30:13.0316 0x15f8 crcdisk - ok
17:30:13.0379 0x15f8 [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:30:13.0394 0x15f8 CryptSvc - ok
17:30:13.0472 0x15f8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
17:30:13.0488 0x15f8 DcomLaunch - ok
17:30:13.0551 0x15f8 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
17:30:13.0551 0x15f8 defragsvc - ok
17:30:13.0613 0x15f8 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:30:13.0613 0x15f8 DfsC - ok
17:30:13.0660 0x15f8 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:30:13.0676 0x15f8 Dhcp - ok
17:30:13.0691 0x15f8 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
17:30:13.0691 0x15f8 discache - ok
17:30:13.0769 0x15f8 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\drivers\disk.sys
17:30:13.0769 0x15f8 Disk - ok
17:30:13.0816 0x15f8 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:30:13.0816 0x15f8 Dnscache - ok
17:30:13.0879 0x15f8 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
17:30:13.0879 0x15f8 dot3svc - ok
17:30:13.0941 0x15f8 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
17:30:13.0941 0x15f8 DPS - ok
17:30:14.0004 0x15f8 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:30:14.0051 0x15f8 drmkaud - ok
17:30:14.0160 0x15f8 [ 651554E483712B708EDE864D0CA1AA73, A016C03D630A2FF7FC44B826DEA890F5AC09DD270588CEAD05F63A5A0AC79249 ] DrvAgent32 C:\Windows\system32\Drivers\DrvAgent32.sys
17:30:14.0160 0x15f8 DrvAgent32 - ok
17:30:14.0238 0x15f8 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:30:14.0285 0x15f8 DXGKrnl - ok
17:30:14.0347 0x15f8 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
17:30:14.0347 0x15f8 EapHost - ok
17:30:14.0535 0x15f8 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
17:30:14.0676 0x15f8 ebdrv - ok
17:30:14.0722 0x15f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS C:\Windows\System32\lsass.exe
17:30:14.0738 0x15f8 EFS - ok
17:30:14.0832 0x15f8 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:30:14.0847 0x15f8 ehRecvr - ok
17:30:14.0879 0x15f8 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
17:30:14.0894 0x15f8 ehSched - ok
17:30:14.0910 0x15f8 [ 72753D5CC94A90F5CFC6C00ECC47163F, 824EEDCB94334912D8C44BC9626723F142DA95E9494C4B7D2F6EC7899CFF1DD2 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
17:30:14.0910 0x15f8 ElbyCDIO - ok
17:30:14.0988 0x15f8 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:30:15.0004 0x15f8 elxstor - ok
17:30:15.0066 0x15f8 [ 8BC8294AB15A472D05650CC6C255204A, C2A704438ACE3E41692C7CF5BEDEB732F10B69FF92B2945ABF990E9277A8906A ] emAudio C:\Windows\system32\drivers\emAudio.sys
17:30:15.0066 0x15f8 emAudio - ok
17:30:15.0097 0x15f8 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:30:15.0097 0x15f8 ErrDev - ok
17:30:15.0176 0x15f8 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
17:30:15.0191 0x15f8 EventSystem - ok
17:30:15.0238 0x15f8 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
17:30:15.0238 0x15f8 exfat - ok
17:30:15.0285 0x15f8 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:30:15.0285 0x15f8 fastfat - ok
17:30:15.0363 0x15f8 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
17:30:15.0394 0x15f8 Fax - ok
17:30:15.0441 0x15f8 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:30:15.0441 0x15f8 fdc - ok
17:30:15.0488 0x15f8 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
17:30:15.0488 0x15f8 fdPHost - ok
17:30:15.0519 0x15f8 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
17:30:15.0519 0x15f8 FDResPub - ok
17:30:15.0551 0x15f8 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:30:15.0551 0x15f8 FileInfo - ok
17:30:15.0582 0x15f8 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:30:15.0582 0x15f8 Filetrace - ok
17:30:15.0613 0x15f8 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:30:15.0629 0x15f8 flpydisk - ok
17:30:15.0676 0x15f8 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:30:15.0676 0x15f8 FltMgr - ok
17:30:15.0785 0x15f8 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
17:30:15.0816 0x15f8 FontCache - ok
17:30:15.0879 0x15f8 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:30:15.0894 0x15f8 FontCache3.0.0.0 - ok
17:30:15.0926 0x15f8 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:30:15.0941 0x15f8 FsDepends - ok
17:30:15.0957 0x15f8 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:30:15.0957 0x15f8 Fs_Rec - ok
17:30:16.0019 0x15f8 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:30:16.0019 0x15f8 fvevol - ok
17:30:16.0066 0x15f8 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:30:16.0066 0x15f8 gagp30kx - ok
17:30:16.0144 0x15f8 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:30:16.0160 0x15f8 GEARAspiWDM - ok
17:30:16.0238 0x15f8 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
17:30:16.0285 0x15f8 gpsvc - ok
17:30:16.0410 0x15f8 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:30:16.0410 0x15f8 gupdate - ok
17:30:16.0457 0x15f8 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:30:16.0457 0x15f8 gupdatem - ok
17:30:16.0535 0x15f8 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:30:16.0551 0x15f8 gusvc - ok
17:30:16.0597 0x15f8 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:30:16.0597 0x15f8 hcw85cir - ok
17:30:16.0691 0x15f8 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:30:16.0707 0x15f8 HdAudAddService - ok
17:30:16.0769 0x15f8 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:30:16.0785 0x15f8 HDAudBus - ok
17:30:16.0832 0x15f8 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:30:16.0832 0x15f8 HidBatt - ok
17:30:16.0863 0x15f8 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:30:16.0863 0x15f8 HidBth - ok
17:30:16.0941 0x15f8 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\drivers\hidir.sys
17:30:16.0941 0x15f8 HidIr - ok
17:30:16.0988 0x15f8 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
17:30:17.0004 0x15f8 hidserv - ok
17:30:17.0066 0x15f8 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
17:30:17.0066 0x15f8 HidUsb - ok
17:30:17.0113 0x15f8 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
17:30:17.0113 0x15f8 hkmsvc - ok
17:30:17.0176 0x15f8 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:30:17.0176 0x15f8 HomeGroupListener - ok
17:30:17.0238 0x15f8 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:30:17.0238 0x15f8 HomeGroupProvider - ok
17:30:17.0301 0x15f8 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:30:17.0316 0x15f8 HpSAMD - ok
17:30:17.0379 0x15f8 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:30:17.0379 0x15f8 HTTP - ok
17:30:17.0410 0x15f8 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:30:17.0410 0x15f8 hwpolicy - ok
17:30:17.0472 0x15f8 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:30:17.0519 0x15f8 i8042prt - ok
17:30:17.0566 0x15f8 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:30:17.0582 0x15f8 iaStorV - ok
17:30:17.0691 0x15f8 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:30:17.0754 0x15f8 IDriverT - ok
17:30:17.0879 0x15f8 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:30:17.0941 0x15f8 idsvc - ok
17:30:17.0972 0x15f8 IEEtwCollectorService - ok
17:30:18.0019 0x15f8 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:30:18.0035 0x15f8 iirsp - ok
17:30:18.0129 0x15f8 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
17:30:18.0176 0x15f8 IKEEXT - ok
17:30:18.0519 0x15f8 [ 816EEF1A714ABF9A633F478EFAC8F24C, 362492F5922781CE1AD6EB3DC8415BBEC736A5046BF6D9E82C69BADDE86048B8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:30:18.0644 0x15f8 IntcAzAudAddService - ok
17:30:18.0707 0x15f8 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
17:30:18.0707 0x15f8 intelide - ok
17:30:18.0863 0x15f8 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:30:18.0863 0x15f8 intelppm - ok
17:30:18.0910 0x15f8 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:30:18.0926 0x15f8 IPBusEnum - ok
17:30:18.0957 0x15f8 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:30:18.0972 0x15f8 IpFilterDriver - ok
17:30:19.0051 0x15f8 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:30:19.0066 0x15f8 iphlpsvc - ok
17:30:19.0113 0x15f8 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:30:19.0129 0x15f8 IPMIDRV - ok
17:30:19.0144 0x15f8 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:30:19.0160 0x15f8 IPNAT - ok
17:30:19.0238 0x15f8 [ 33813E4F82AEC696762EAD9EDADC9FE3, D0045D6782523B7B6FCFE4A6C864F081B522E409D9E5F031A7B8584910CEE3F5 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:30:19.0254 0x15f8 iPod Service - ok
17:30:19.0301 0x15f8 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:30:19.0301 0x15f8 IRENUM - ok
17:30:19.0347 0x15f8 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:30:19.0347 0x15f8 isapnp - ok
17:30:19.0394 0x15f8 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:30:19.0410 0x15f8 iScsiPrt - ok
17:30:19.0441 0x15f8 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:30:19.0441 0x15f8 kbdclass - ok
17:30:19.0488 0x15f8 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:30:19.0488 0x15f8 kbdhid - ok
17:30:19.0519 0x15f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso C:\Windows\system32\lsass.exe
17:30:19.0519 0x15f8 KeyIso - ok
17:30:19.0551 0x15f8 [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:30:19.0566 0x15f8 KSecDD - ok
17:30:19.0597 0x15f8 [ 1E1845606C5A4579F7F3D95796CC1ED1, 26A478A0B5417CBC880A7F2D977AAC5FBF40EC4296426B757D6ACCBBC09486CC ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:30:19.0597 0x15f8 KSecPkg - ok
17:30:19.0660 0x15f8 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:30:19.0676 0x15f8 KtmRm - ok
17:30:19.0738 0x15f8 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:30:19.0754 0x15f8 LanmanServer - ok
17:30:19.0816 0x15f8 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:30:19.0816 0x15f8 LanmanWorkstation - ok
17:30:19.0910 0x15f8 [ CCAD2AAE36E24346488B0F54A049DE78, 6A698AA0952822515413B1A432D914C9B90C3B5A43DDC2A2D72D3ADE972998D0 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
17:30:19.0910 0x15f8 LightScribeService - ok
17:30:19.0957 0x15f8 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:30:19.0972 0x15f8 lltdio - ok
17:30:20.0019 0x15f8 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:30:20.0035 0x15f8 lltdsvc - ok
17:30:20.0066 0x15f8 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:30:20.0066 0x15f8 lmhosts - ok
17:30:20.0113 0x15f8 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:30:20.0129 0x15f8 LSI_FC - ok
17:30:20.0160 0x15f8 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:30:20.0160 0x15f8 LSI_SAS - ok
17:30:20.0191 0x15f8 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:30:20.0191 0x15f8 LSI_SAS2 - ok
17:30:20.0222 0x15f8 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:30:20.0222 0x15f8 LSI_SCSI - ok
17:30:20.0269 0x15f8 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
17:30:20.0269 0x15f8 luafv - ok
17:30:20.0316 0x15f8 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:30:20.0316 0x15f8 Mcx2Svc - ok
17:30:20.0426 0x15f8 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
17:30:20.0426 0x15f8 MDM - ok
17:30:20.0457 0x15f8 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys
17:30:20.0457 0x15f8 megasas - ok
17:30:20.0519 0x15f8 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:30:20.0535 0x15f8 MegaSR - ok
17:30:20.0582 0x15f8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
17:30:20.0582 0x15f8 MMCSS - ok
17:30:20.0613 0x15f8 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
17:30:20.0629 0x15f8 Modem - ok
17:30:20.0660 0x15f8 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:30:20.0660 0x15f8 monitor - ok
17:30:20.0691 0x15f8 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:30:20.0691 0x15f8 mouclass - ok
17:30:20.0738 0x15f8 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\drivers\mouhid.sys
17:30:20.0738 0x15f8 mouhid - ok
17:30:20.0769 0x15f8 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:30:20.0769 0x15f8 mountmgr - ok
17:30:20.0847 0x15f8 [ 9E587AFE2AD4873C809F1E0C598AB435, 0B0ECFF265120BCBAC37CF9B53B18462725AB991D00B90DBEE8DD9375121DA4F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:30:20.0863 0x15f8 MozillaMaintenance - ok
17:30:20.0894 0x15f8 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
17:30:20.0894 0x15f8 mpio - ok
17:30:20.0941 0x15f8 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:30:20.0941 0x15f8 mpsdrv - ok
17:30:21.0019 0x15f8 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:30:21.0051 0x15f8 MpsSvc - ok
17:30:21.0097 0x15f8 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:30:21.0097 0x15f8 MRxDAV - ok
17:30:21.0144 0x15f8 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:30:21.0160 0x15f8 mrxsmb - ok
17:30:21.0191 0x15f8 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:30:21.0207 0x15f8 mrxsmb10 - ok
17:30:21.0238 0x15f8 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:30:21.0238 0x15f8 mrxsmb20 - ok
17:30:21.0269 0x15f8 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
17:30:21.0269 0x15f8 msahci - ok
17:30:21.0316 0x15f8 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:30:21.0316 0x15f8 msdsm - ok
17:30:21.0347 0x15f8 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
17:30:21.0363 0x15f8 MSDTC - ok
17:30:21.0410 0x15f8 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:30:21.0410 0x15f8 Msfs - ok
17:30:21.0441 0x15f8 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:30:21.0441 0x15f8 mshidkmdf - ok
17:30:21.0457 0x15f8 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:30:21.0457 0x15f8 msisadrv - ok
17:30:21.0519 0x15f8 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:30:21.0519 0x15f8 MSiSCSI - ok
17:30:21.0535 0x15f8 msiserver - ok
17:30:21.0582 0x15f8 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:30:21.0597 0x15f8 MSKSSRV - ok
17:30:21.0613 0x15f8 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:30:21.0613 0x15f8 MSPCLOCK - ok
17:30:21.0644 0x15f8 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:30:21.0644 0x15f8 MSPQM - ok
17:30:21.0676 0x15f8 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:30:21.0691 0x15f8 MsRPC - ok
17:30:21.0722 0x15f8 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:30:21.0738 0x15f8 mssmbios - ok
17:30:21.0769 0x15f8 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:30:21.0785 0x15f8 MSTEE - ok
17:30:21.0816 0x15f8 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:30:21.0816 0x15f8 MTConfig - ok
17:30:21.0847 0x15f8 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
17:30:21.0847 0x15f8 Mup - ok
17:30:21.0926 0x15f8 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
17:30:21.0926 0x15f8 napagent - ok
17:30:21.0988 0x15f8 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:30:22.0004 0x15f8 NativeWifiP - ok
17:30:22.0160 0x15f8 [ 5836B9E91863A00EC1B8E785EFD86ECB, 6D6BC5C8070FB82A30228A6D617F0A141E225F2EC5C27F2BA8B67B8A50ABBE69 ] NBService D:\Program Files\Nero 7\Nero BackItUp\NBService.exe
17:30:22.0191 0x15f8 NBService - ok
17:30:22.0269 0x15f8 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:30:22.0285 0x15f8 NDIS - ok
17:30:22.0347 0x15f8 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:30:22.0347 0x15f8 NdisCap - ok
17:30:22.0394 0x15f8 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:30:22.0394 0x15f8 NdisTapi - ok
17:30:22.0441 0x15f8 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:30:22.0441 0x15f8 Ndisuio - ok
17:30:22.0472 0x15f8 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:30:22.0488 0x15f8 NdisWan - ok
17:30:22.0519 0x15f8 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:30:22.0519 0x15f8 NDProxy - ok
17:30:22.0551 0x15f8 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:30:22.0551 0x15f8 NetBIOS - ok
17:30:22.0582 0x15f8 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:30:22.0597 0x15f8 NetBT - ok
17:30:22.0629 0x15f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\Windows\system32\lsass.exe
17:30:22.0629 0x15f8 Netlogon - ok
17:30:22.0691 0x15f8 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
17:30:22.0691 0x15f8 Netman - ok
17:30:22.0738 0x15f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:30:22.0754 0x15f8 NetMsmqActivator - ok
17:30:22.0769 0x15f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:30:22.0769 0x15f8 NetPipeActivator - ok
17:30:22.0816 0x15f8 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
17:30:22.0832 0x15f8 netprofm - ok
17:30:22.0863 0x15f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:30:22.0863 0x15f8 NetTcpActivator - ok
17:30:22.0894 0x15f8 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:30:22.0894 0x15f8 NetTcpPortSharing - ok
17:30:22.0957 0x15f8 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:30:22.0957 0x15f8 nfrd960 - ok
17:30:23.0004 0x15f8 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:30:23.0019 0x15f8 NlaSvc - ok
17:30:23.0113 0x15f8 [ A328A46D87BB92CE4D8A4528E9D84787, D3245ED700151111592BA82FB675B284DA7FCE52B07A7F68352F64A402CAB37C ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
17:30:23.0129 0x15f8 NMIndexingService - ok
17:30:23.0176 0x15f8 [ F6C40E0A565EE3CE5AEEB325E10054F2, 30C8BA41B1C235ECB2C7F29CD76C8F41B8D705BE7DD44F66666C28275EA56BAC ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
17:30:23.0176 0x15f8 nmwcd - ok
17:30:23.0207 0x15f8 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:30:23.0222 0x15f8 Npfs - ok
17:30:23.0269 0x15f8 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
17:30:23.0269 0x15f8 nsi - ok
17:30:23.0316 0x15f8 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:30:23.0316 0x15f8 nsiproxy - ok
17:30:23.0441 0x15f8 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:30:23.0488 0x15f8 Ntfs - ok
17:30:23.0535 0x15f8 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
17:30:23.0535 0x15f8 Null - ok
17:30:23.0582 0x15f8 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:30:23.0597 0x15f8 nvraid - ok
17:30:23.0629 0x15f8 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:30:23.0629 0x15f8 nvstor - ok
17:30:23.0660 0x15f8 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:30:23.0676 0x15f8 nv_agp - ok
17:30:23.0722 0x15f8 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:30:23.0722 0x15f8 ohci1394 - ok
17:30:23.0785 0x15f8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:30:23.0801 0x15f8 p2pimsvc - ok
17:30:23.0863 0x15f8 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
17:30:23.0879 0x15f8 p2psvc - ok
17:30:23.0926 0x15f8 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:30:23.0941 0x15f8 Parport - ok
17:30:23.0988 0x15f8 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:30:23.0988 0x15f8 partmgr - ok
17:30:24.0019 0x15f8 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
17:30:24.0019 0x15f8 Parvdm - ok
17:30:24.0066 0x15f8 [ 3A55D53687F16D9EF5BF307BBFEFCD9C, F1BB1B43442B151686500768C43A4D20CAA47427E78386953A42DDB42D9DDF0C ] PcaSvc C:\Windows\System32\pcasvc.dll
17:30:24.0082 0x15f8 PcaSvc - ok
17:30:24.0113 0x15f8 pccsmcfd - ok
17:30:24.0144 0x15f8 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
17:30:24.0144 0x15f8 pci - ok
17:30:24.0191 0x15f8 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
17:30:24.0191 0x15f8 pciide - ok
17:30:24.0222 0x15f8 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:30:24.0238 0x15f8 pcmcia - ok
17:30:24.0269 0x15f8 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
17:30:24.0269 0x15f8 pcw - ok
17:30:24.0426 0x15f8 [ F97DC1A5244469D367B1334D47118E34, A36B6C402F92BEBE14082296CBF5F69656ED87AB700789028799768FA1FE2A72 ] PDF Architect 2 C:\Program Files\PDF Architect 2\ws.exe
17:30:24.0472 0x15f8 PDF Architect 2 - ok
17:30:24.0566 0x15f8 [ B932EEFE2A1C456856E44B8A9A79D36C, 26DCB96E1FC177DF3192CEAB6BE2524E9D23F858E09A47530275174F6FD767BA ] PDF Architect 2 Creator C:\Program Files\PDF Architect 2\creator-ws.exe
17:30:24.0582 0x15f8 PDF Architect 2 Creator - ok
17:30:24.0676 0x15f8 [ E81F7D5371C95904D4105B06405D5EDA, A6A41793AC241801D37A95C25B2DA0C3CDDC804B4F2BD087ECBD30C562F3517B ] pdfforge CrashHandler C:\Program Files\PDF Architect 2\crash-handler-ws.exe
17:30:24.0722 0x15f8 pdfforge CrashHandler - ok
17:30:24.0801 0x15f8 [ 344D1FA0438A967F1A2BAA42C86D6E19, E9CB31CBD9075B84BA771CF82A4C3AB5BF57ADEA3E76ABE8FE36FEACFD681D89 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:30:24.0816 0x15f8 PEAUTH - ok
17:30:24.0972 0x15f8 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
17:30:25.0019 0x15f8 pla - ok
17:30:25.0082 0x15f8 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:30:25.0097 0x15f8 PlugPlay - ok
17:30:25.0129 0x15f8 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:30:25.0129 0x15f8 PNRPAutoReg - ok
17:30:25.0160 0x15f8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:30:25.0176 0x15f8 PNRPsvc - ok
17:30:25.0254 0x15f8 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:30:25.0269 0x15f8 PolicyAgent - ok
17:30:25.0332 0x15f8 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
17:30:25.0332 0x15f8 Power - ok
17:30:25.0410 0x15f8 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:30:25.0410 0x15f8 PptpMiniport - ok
17:30:25.0441 0x15f8 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\drivers\processr.sys
17:30:25.0441 0x15f8 Processor - ok
17:30:25.0504 0x15f8 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
17:30:25.0519 0x15f8 ProfSvc - ok
17:30:25.0535 0x15f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:30:25.0535 0x15f8 ProtectedStorage - ok
17:30:25.0582 0x15f8 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:30:25.0582 0x15f8 Psched - ok
17:30:25.0644 0x15f8 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
17:30:25.0644 0x15f8 PxHelp20 - ok
17:30:25.0754 0x15f8 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:30:25.0816 0x15f8 ql2300 - ok
17:30:25.0847 0x15f8 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:30:25.0863 0x15f8 ql40xx - ok
17:30:25.0910 0x15f8 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
17:30:25.0926 0x15f8 QWAVE - ok
17:30:25.0957 0x15f8 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:30:25.0957 0x15f8 QWAVEdrv - ok
17:30:25.0988 0x15f8 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:30:26.0004 0x15f8 RasAcd - ok
17:30:26.0066 0x15f8 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:30:26.0066 0x15f8 RasAgileVpn - ok
17:30:26.0129 0x15f8 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
17:30:26.0129 0x15f8 RasAuto - ok
17:30:26.0191 0x15f8 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:30:26.0191 0x15f8 Rasl2tp - ok
17:30:26.0269 0x15f8 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
17:30:26.0301 0x15f8 RasMan - ok
17:30:26.0347 0x15f8 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:30:26.0347 0x15f8 RasPppoe - ok
17:30:26.0410 0x15f8 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:30:26.0410 0x15f8 RasSstp - ok
17:30:26.0441 0x15f8 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:30:26.0457 0x15f8 rdbss - ok
17:30:26.0504 0x15f8 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:30:26.0519 0x15f8 rdpbus - ok
17:30:26.0551 0x15f8 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:30:26.0551 0x15f8 RDPCDD - ok
17:30:26.0597 0x15f8 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:30:26.0597 0x15f8 RDPENCDD - ok
17:30:26.0660 0x15f8 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:30:26.0660 0x15f8 RDPREFMP - ok
17:30:26.0754 0x15f8 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:30:26.0754 0x15f8 RdpVideoMiniport - ok
17:30:26.0816 0x15f8 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:30:26.0832 0x15f8 RDPWD - ok
17:30:26.0894 0x15f8 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:30:26.0894 0x15f8 rdyboost - ok
17:30:26.0941 0x15f8 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:30:26.0941 0x15f8 RemoteAccess - ok
17:30:27.0004 0x15f8 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:30:27.0004 0x15f8 RemoteRegistry - ok
17:30:27.0144 0x15f8 [ 06A49B7BDC36CFBF97DD90804F833369, 0E02B50F9F371162E18D5E4FFEF1669E9B5B75460618B10FD31E63F2ACC50A90 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
17:30:27.0160 0x15f8 RichVideo - ok
17:30:27.0207 0x15f8 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:30:27.0222 0x15f8 RpcEptMapper - ok
17:30:27.0269 0x15f8 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
17:30:27.0269 0x15f8 RpcLocator - ok
17:30:27.0332 0x15f8 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
17:30:27.0332 0x15f8 RpcSs - ok
17:30:27.0410 0x15f8 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:30:27.0410 0x15f8 rspndr - ok
17:30:27.0472 0x15f8 [ 4E20765744BFBC16F6D6E5BD5598786B, CDB5AB7F8BE3C0085D08DC00CC8DB3266ABA16228B2F022380482C9D05070839 ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
17:30:27.0472 0x15f8 RTL8023xp - ok
17:30:27.0504 0x15f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs C:\Windows\system32\lsass.exe
17:30:27.0504 0x15f8 SamSs - ok
17:30:27.0660 0x15f8 [ AB60A0447A8C4B8FB5706D9BDF7DC156, 6DDC4252E8B3D38E4D98A516894DEBFE6E6C8D33DC76200C671810A15ADD7318 ] Samsung Network Fax Server C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe
17:30:27.0676 0x15f8 Samsung Network Fax Server - ok
17:30:27.0722 0x15f8 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:30:27.0722 0x15f8 sbp2port - ok
17:30:27.0785 0x15f8 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:30:27.0801 0x15f8 SCardSvr - ok
17:30:27.0832 0x15f8 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:30:27.0832 0x15f8 scfilter - ok
17:30:27.0957 0x15f8 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
17:30:28.0004 0x15f8 Schedule - ok
17:30:28.0051 0x15f8 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:30:28.0051 0x15f8 SCPolicySvc - ok
17:30:28.0113 0x15f8 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:30:28.0129 0x15f8 SDRSVC - ok
17:30:28.0363 0x15f8 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
17:30:28.0426 0x15f8 SDScannerService - ok
17:30:28.0691 0x15f8 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:30:28.0769 0x15f8 SDUpdateService - ok
17:30:28.0926 0x15f8 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:30:28.0926 0x15f8 SDWSCService - ok
17:30:28.0988 0x15f8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:30:28.0988 0x15f8 secdrv - ok
17:30:29.0051 0x15f8 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
17:30:29.0051 0x15f8 seclogon - ok
17:30:29.0097 0x15f8 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
17:30:29.0113 0x15f8 SENS - ok
17:30:29.0160 0x15f8 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:30:29.0160 0x15f8 SensrSvc - ok
17:30:29.0191 0x15f8 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:30:29.0207 0x15f8 Serenum - ok
17:30:29.0254 0x15f8 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:30:29.0269 0x15f8 Serial - ok
17:30:29.0301 0x15f8 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:30:29.0301 0x15f8 sermouse - ok
17:30:29.0410 0x15f8 [ C3BB6CF8F9EE199005A2AAE2815AD756, 7A817599C2F3AD819D643223AA714CCCB790EE5983096D8D9CD2D626D6924837 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
17:30:29.0441 0x15f8 ServiceLayer - ok
17:30:29.0504 0x15f8 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
17:30:29.0519 0x15f8 SessionEnv - ok
17:30:29.0566 0x15f8 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:30:29.0566 0x15f8 sffdisk - ok
17:30:29.0582 0x15f8 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:30:29.0597 0x15f8 sffp_mmc - ok
17:30:29.0629 0x15f8 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:30:29.0629 0x15f8 sffp_sd - ok
17:30:29.0644 0x15f8 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:30:29.0644 0x15f8 sfloppy - ok
17:30:29.0722 0x15f8 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:30:29.0722 0x15f8 SharedAccess - ok
17:30:29.0785 0x15f8 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:30:29.0801 0x15f8 ShellHWDetection - ok
17:30:29.0847 0x15f8 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:30:29.0847 0x15f8 sisagp - ok
17:30:29.0894 0x15f8 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:30:29.0894 0x15f8 SiSRaid2 - ok
17:30:29.0926 0x15f8 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:30:29.0926 0x15f8 SiSRaid4 - ok
17:30:30.0004 0x15f8 [ 7C15061CD0372487903B07B9BB03AFAD, FB96CDA29C7C1E8A315BA89E8B150918E59F32CE749D3EF43FCBEB3FB57BF1C6 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:30:30.0019 0x15f8 SkypeUpdate - ok
17:30:30.0051 0x15f8 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:30:30.0051 0x15f8 Smb - ok
17:30:30.0129 0x15f8 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:30:30.0144 0x15f8 SNMPTRAP - ok
17:30:30.0176 0x15f8 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
17:30:30.0191 0x15f8 spldr - ok
17:30:30.0254 0x15f8 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
17:30:30.0269 0x15f8 Spooler - ok
17:30:30.0457 0x15f8 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
17:30:30.0597 0x15f8 sppsvc - ok
17:30:30.0644 0x15f8 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:30:30.0644 0x15f8 sppuinotify - ok
17:30:30.0707 0x15f8 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:30:30.0722 0x15f8 srv - ok
17:30:30.0769 0x15f8 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:30:30.0785 0x15f8 srv2 - ok
17:30:30.0816 0x15f8 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:30:30.0816 0x15f8 srvnet - ok
17:30:30.0879 0x15f8 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:30:30.0879 0x15f8 SSDPSRV - ok
17:30:30.0941 0x15f8 [ EF3458337D7341A05169CEFC73709264, C9D0AE966CFA02F7B72586C2A6E2AFA9818C9F4856A4E9625B79BC5A886FC193 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
17:30:30.0941 0x15f8 SSPORT - ok
17:30:30.0988 0x15f8 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:30:30.0988 0x15f8 SstpSvc - ok
17:30:31.0035 0x15f8 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:30:31.0035 0x15f8 stexstor - ok
17:30:31.0129 0x15f8 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
17:30:31.0144 0x15f8 StiSvc - ok
17:30:31.0191 0x15f8 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:30:31.0191 0x15f8 swenum - ok
17:30:31.0238 0x15f8 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
17:30:31.0254 0x15f8 swprv - ok
17:30:31.0347 0x15f8 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
17:30:31.0394 0x15f8 SysMain - ok
17:30:31.0457 0x15f8 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
17:30:31.0457 0x15f8 TabletInputService - ok
17:30:31.0504 0x15f8 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
17:30:31.0519 0x15f8 TapiSrv - ok
17:30:31.0535 0x15f8 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
17:30:31.0551 0x15f8 TBS - ok
17:30:31.0660 0x15f8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:30:31.0722 0x15f8 Tcpip - ok
17:30:31.0816 0x15f8 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:30:31.0863 0x15f8 TCPIP6 - ok
17:30:31.0926 0x15f8 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:30:31.0926 0x15f8 tcpipreg - ok
17:30:31.0988 0x15f8 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:30:31.0988 0x15f8 TDPIPE - ok
17:30:32.0019 0x15f8 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:30:32.0019 0x15f8 TDTCP - ok
17:30:32.0082 0x15f8 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:30:32.0082 0x15f8 tdx - ok
17:30:32.0113 0x15f8 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:30:32.0113 0x15f8 TermDD - ok
17:30:32.0176 0x15f8 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
17:30:32.0207 0x15f8 TermService - ok
17:30:32.0254 0x15f8 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
17:30:32.0254 0x15f8 Themes - ok
17:30:32.0285 0x15f8 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
17:30:32.0301 0x15f8 THREADORDER - ok
17:30:32.0363 0x15f8 [ E4FAD21646088D79F8889B6531396ACF, D0C8F0E3293D423245FD2233F283A1FE2463E15F8B9F4ED6AC96C2164EC51F75 ] TomTomHOMEService D:\Programme\TomTom HOME 2\TomTomHOMEService.exe
17:30:32.0363 0x15f8 TomTomHOMEService - ok
17:30:32.0426 0x15f8 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
17:30:32.0426 0x15f8 TrkWks - ok
17:30:32.0519 0x15f8 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:30:32.0519 0x15f8 TrustedInstaller - ok
17:30:32.0597 0x15f8 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:30:32.0597 0x15f8 tssecsrv - ok
17:30:32.0644 0x15f8 [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:30:32.0644 0x15f8 TsUsbFlt - ok
17:30:32.0691 0x15f8 [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:30:32.0691 0x15f8 TsUsbGD - ok
17:30:32.0879 0x15f8 [ 110F9D73BEB93EB2CDB0A0D9101F8164, F60F3DD6A63D875701FFC3BAB475108E9EF5C2B99E815972D9417A197E863A4C ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
17:30:32.0926 0x15f8 TuneUp.UtilitiesSvc - ok
17:30:32.0972 0x15f8 [ E5049C43601473B5A909058596111229, 96CFE481F767C66FA2877594384086C1BE8B2BADBF12DBF4CB72CF73898D0876 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys
17:30:32.0972 0x15f8 TuneUpUtilitiesDrv - ok
17:30:33.0019 0x15f8 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:30:33.0019 0x15f8 tunnel - ok
17:30:33.0066 0x15f8 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:30:33.0066 0x15f8 uagp35 - ok
17:30:33.0129 0x15f8 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:30:33.0144 0x15f8 udfs - ok
17:30:33.0207 0x15f8 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:30:33.0207 0x15f8 UI0Detect - ok
17:30:33.0238 0x15f8 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:30:33.0238 0x15f8 uliagpkx - ok
17:30:33.0285 0x15f8 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:30:33.0285 0x15f8 umbus - ok
17:30:33.0316 0x15f8 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:30:33.0316 0x15f8 UmPass - ok
17:30:33.0363 0x15f8 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
17:30:33.0379 0x15f8 upnphost - ok
17:30:33.0426 0x15f8 [ 587E643A4E2FFD9A00F114B057CEB773, CEB821A89FAE95D8CFAF468EEDA349B666C3FC13E1D142D5141484D621681197 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
17:30:33.0426 0x15f8 upperdev - ok
17:30:33.0519 0x15f8 [ D339B7E74D908EEBEB4B4413B756150B, 96F4E297EED813E18DD6D5A778A7C535C89D2669083A4EC3D25B837066EF2BA2 ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA.sys
17:30:33.0551 0x15f8 USB28xxBGA - ok
17:30:33.0629 0x15f8 [ 65C288D96EB8DBB6FE6787011E99665C, B7D1432EE003A30BA64438A08FA92CAC7E6F26D4CE6AE570F0ABA8C2C7262591 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM.sys
17:30:33.0660 0x15f8 USB28xxOEM - ok
17:30:33.0722 0x15f8 [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:30:33.0722 0x15f8 usbaudio - ok
17:30:33.0769 0x15f8 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:30:33.0769 0x15f8 usbccgp - ok
17:30:33.0816 0x15f8 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:30:33.0816 0x15f8 usbcir - ok
17:30:33.0863 0x15f8 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:30:33.0863 0x15f8 usbehci - ok
17:30:33.0926 0x15f8 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:30:33.0926 0x15f8 usbhub - ok
17:30:33.0972 0x15f8 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:30:33.0988 0x15f8 usbohci - ok
17:30:34.0019 0x15f8 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:30:34.0035 0x15f8 usbprint - ok
17:30:34.0082 0x15f8 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:30:34.0082 0x15f8 usbscan - ok
17:30:34.0144 0x15f8 [ 007C0C8D5B01D82ACEB70431D15083F6, 7EAF68CD3C38D3CD2CDFEE9ECE1DFB38E274F1F9E6F70B73BCE1336E87D5496C ] usbser C:\Windows\system32\drivers\usbser.sys
17:30:34.0144 0x15f8 usbser - ok
17:30:34.0191 0x15f8 [ FCA6A196D47CB972A0E4ADC0DB9CD17C, 31EF8E3839C3EB9404B72ABE777060B831AFAFAD51E10ADEB72E41DCC4FE8D47 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
17:30:34.0191 0x15f8 UsbserFilt - ok
17:30:34.0222 0x15f8 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:30:34.0222 0x15f8 USBSTOR - ok
17:30:34.0269 0x15f8 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:30:34.0285 0x15f8 usbuhci - ok
17:30:34.0332 0x15f8 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
17:30:34.0332 0x15f8 UxSms - ok
17:30:34.0347 0x15f8 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc C:\Windows\system32\lsass.exe
17:30:34.0363 0x15f8 VaultSvc - ok
17:30:34.0410 0x15f8 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:30:34.0410 0x15f8 vdrvroot - ok
17:30:34.0472 0x15f8 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
17:30:34.0488 0x15f8 vds - ok
17:30:34.0535 0x15f8 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:30:34.0535 0x15f8 vga - ok
17:30:34.0566 0x15f8 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:30:34.0582 0x15f8 VgaSave - ok
17:30:34.0613 0x15f8 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:30:34.0613 0x15f8 vhdmp - ok
17:30:34.0660 0x15f8 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:30:34.0660 0x15f8 viaagp - ok
17:30:34.0691 0x15f8 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:30:34.0707 0x15f8 ViaC7 - ok
17:30:34.0738 0x15f8 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
17:30:34.0738 0x15f8 viaide - ok
17:30:34.0769 0x15f8 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:30:34.0769 0x15f8 volmgr - ok
17:30:34.0816 0x15f8 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:30:34.0816 0x15f8 volmgrx - ok
17:30:34.0879 0x15f8 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:30:34.0894 0x15f8 volsnap - ok
17:30:34.0941 0x15f8 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:30:34.0941 0x15f8 vsmraid - ok
17:30:35.0035 0x15f8 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
17:30:35.0066 0x15f8 VSS - ok
17:30:35.0207 0x15f8 [ C3382C99F1D10BCBEBC689BF847B77B5, BB11A866595D745BA7427CCB9E1F39F2340BC55B3E61B48B47B8E64384D3FFEA ] vToolbarUpdater3.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
17:30:35.0254 0x15f8 vToolbarUpdater3.2.0 - ok
17:30:35.0301 0x15f8 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:30:35.0301 0x15f8 vwifibus - ok
17:30:35.0332 0x15f8 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
17:30:35.0347 0x15f8 W32Time - ok
17:30:35.0410 0x15f8 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:30:35.0410 0x15f8 WacomPen - ok
17:30:35.0457 0x15f8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:30:35.0457 0x15f8 WANARP - ok
17:30:35.0472 0x15f8 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:30:35.0472 0x15f8 Wanarpv6 - ok
17:30:35.0597 0x15f8 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:30:35.0644 0x15f8 WatAdminSvc - ok
17:30:35.0769 0x15f8 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
17:30:35.0832 0x15f8 wbengine - ok
17:30:35.0894 0x15f8 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:30:35.0894 0x15f8 WbioSrvc - ok
17:30:35.0957 0x15f8 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:30:35.0972 0x15f8 wcncsvc - ok
17:30:36.0004 0x15f8 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:30:36.0019 0x15f8 WcsPlugInService - ok
17:30:36.0066 0x15f8 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\drivers\wd.sys
17:30:36.0066 0x15f8 Wd - ok
17:30:36.0191 0x15f8 [ BF847A3972CC6B5CE26E0EA742DD52D9, F8EEAB98260A6D1A1426842F5DE7F28186784FBE30C86EFF4FD3BFFBCF9F277F ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
17:30:36.0207 0x15f8 WDDMService - ok
17:30:36.0285 0x15f8 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:30:36.0316 0x15f8 Wdf01000 - ok
17:30:36.0488 0x15f8 [ B5966F1DFF6E20576F3C8C2D93D129FD, 215526629D2160B15117B4F2395AA8B2B01A1237F9320B6CF33B668F7F36B2F5 ] WDFME C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
17:30:36.0551 0x15f8 WDFME - ok
17:30:36.0582 0x15f8 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:30:36.0582 0x15f8 WdiServiceHost - ok
17:30:36.0613 0x15f8 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:30:36.0613 0x15f8 WdiSystemHost - ok
17:30:36.0691 0x15f8 [ 92F0088CA18BB08BB596EF2608256F8A, 70DD5E23505719DB114B8E78770CDB48B985FB8F00AF59B9BB191600D52D95A5 ] WDSC C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
17:30:36.0707 0x15f8 WDSC - ok
17:30:36.0769 0x15f8 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
17:30:36.0785 0x15f8 WebClient - ok
17:30:36.0894 0x15f8 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:30:36.0910 0x15f8 Wecsvc - ok
17:30:36.0957 0x15f8 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:30:36.0972 0x15f8 wercplsupport - ok
17:30:37.0035 0x15f8 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
17:30:37.0035 0x15f8 WerSvc - ok
17:30:37.0082 0x15f8 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:30:37.0097 0x15f8 WfpLwf - ok
17:30:37.0129 0x15f8 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:30:37.0129 0x15f8 WIMMount - ok
17:30:37.0269 0x15f8 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:30:37.0301 0x15f8 WinDefend - ok
17:30:37.0347 0x15f8 WinHttpAutoProxySvc - ok
17:30:37.0472 0x15f8 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:30:37.0488 0x15f8 Winmgmt - ok
17:30:37.0629 0x15f8 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
17:30:37.0660 0x15f8 WinRM - ok
17:30:37.0785 0x15f8 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:30:37.0785 0x15f8 WinUsb - ok
17:30:37.0926 0x15f8 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:30:37.0988 0x15f8 Wlansvc - ok
17:30:38.0019 0x15f8 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:30:38.0019 0x15f8 WmiAcpi - ok
17:30:38.0082 0x15f8 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:30:38.0097 0x15f8 wmiApSrv - ok
17:30:38.0269 0x15f8 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:30:38.0332 0x15f8 WMPNetworkSvc - ok
17:30:38.0394 0x15f8 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:30:38.0410 0x15f8 WPCSvc - ok
17:30:38.0457 0x15f8 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:30:38.0472 0x15f8 WPDBusEnum - ok
17:30:38.0504 0x15f8 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:30:38.0519 0x15f8 ws2ifsl - ok
17:30:38.0566 0x15f8 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
17:30:38.0582 0x15f8 wscsvc - ok
17:30:38.0597 0x15f8 WSearch - ok
17:30:38.0801 0x15f8 [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\Windows\system32\wuaueng.dll
17:30:38.0894 0x15f8 wuauserv - ok
17:30:38.0957 0x15f8 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:30:38.0957 0x15f8 WudfPf - ok
17:30:39.0004 0x15f8 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:30:39.0004 0x15f8 WUDFRd - ok
17:30:39.0066 0x15f8 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:30:39.0082 0x15f8 wudfsvc - ok
17:30:39.0129 0x15f8 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
17:30:39.0144 0x15f8 WwanSvc - ok
17:30:39.0191 0x15f8 ================ Scan global ===============================
17:30:39.0238 0x15f8 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
17:30:39.0285 0x15f8 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
17:30:39.0316 0x15f8 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
17:30:39.0363 0x15f8 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
17:30:39.0426 0x15f8 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
17:30:39.0441 0x15f8 [ Global ] - ok
17:30:39.0457 0x15f8 ================ Scan MBR ==================================
17:30:39.0472 0x15f8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:30:39.0644 0x15f8 \Device\Harddisk0\DR0 - ok
17:30:39.0660 0x15f8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:30:39.0676 0x15f8 \Device\Harddisk1\DR1 - ok
17:30:39.0691 0x15f8 ================ Scan VBR ==================================
17:30:39.0707 0x15f8 [ 6164367842B2B6E1C5F2B9BFA10C83A7 ] \Device\Harddisk0\DR0\Partition1
17:30:39.0707 0x15f8 \Device\Harddisk0\DR0\Partition1 - ok
17:30:39.0707 0x15f8 [ D18C3DC1E36D73B629A262261C6A0FEF ] \Device\Harddisk0\DR0\Partition2
17:30:39.0722 0x15f8 \Device\Harddisk0\DR0\Partition2 - ok
17:30:39.0722 0x15f8 [ F0E8303CD3AC156178A855292988E1F6 ] \Device\Harddisk0\DR0\Partition3
17:30:39.0738 0x15f8 \Device\Harddisk0\DR0\Partition3 - ok
17:30:39.0738 0x15f8 [ 35B1B5D58EC7C9C30B69455808156ED8 ] \Device\Harddisk1\DR1\Partition1
17:30:39.0738 0x15f8 \Device\Harddisk1\DR1\Partition1 - ok
17:30:39.0754 0x15f8 ================ Scan generic autorun ======================
17:30:39.0816 0x15f8 [ EB7711A785E5B12F153C715CC91BC76F, A83820C9D8347E7B080453BEFE4E84D74817936B6C97459A361A8C3C9EA73BCD ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
17:30:39.0832 0x15f8 CDAServer - ok
17:30:40.0066 0x15f8 [ 7E713E2ED0226EA82E97A630684115BE, C99F83CF01E7926DE8D2FBCDFA9565D2BCC2D156976458367AEBDB3B327FB849 ] C:\Program Files\AVG\AVG2015\avgui.exe
17:30:40.0144 0x15f8 AVG_UI - ok
17:30:40.0347 0x15f8 [ 1E677E475F85F6CB94AE42B545F45FE7, C2CCEC00E28B7D057FE1E96BC7934EDF40C5F79A149B8061334FDB90AC1F98B6 ] C:\Program Files\AVG Web TuneUp\vprot.exe
17:30:40.0410 0x15f8 vProt - ok
17:30:40.0504 0x15f8 [ F0CE006E1D14F45959985A05F8E81204, D9FE67DB4CEDB3B09A48C305DDE983A15695EE41C68CE222880D002C0D5D7688 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
17:30:40.0519 0x15f8 APSDaemon - ok
17:30:40.0754 0x15f8 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
17:30:40.0832 0x15f8 SDTray - ok
17:30:40.0972 0x15f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:30:41.0019 0x15f8 Sidebar - ok
17:30:41.0066 0x15f8 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:30:41.0066 0x15f8 mctadmin - ok
17:30:41.0144 0x15f8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:30:41.0176 0x15f8 Sidebar - ok
17:30:41.0191 0x15f8 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
17:30:41.0191 0x15f8 mctadmin - ok
17:30:41.0207 0x15f8 EEDSpeedLauncher - ok
17:30:41.0707 0x15f8 [ 805210C8DB11D5799E7172923959BF98, A8DCB8A6FDE5ED583D329D6D8A5979FFD3E844046335529BB2E81A5D310E5894 ] D:\Programme\CCleaner\CCleaner.exe
17:30:41.0832 0x15f8 CCleaner Monitoring - ok
17:30:41.0863 0x15f8 Waiting for KSN requests completion. In queue: 78
17:30:42.0863 0x15f8 Waiting for KSN requests completion. In queue: 78
17:30:43.0863 0x15f8 Waiting for KSN requests completion. In queue: 78
17:30:44.0957 0x15f8 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41000 ( enabled : updated )
17:30:45.0051 0x15f8 Win FW state via NFP2: enabled
17:30:47.0597 0x15f8 ============================================================
17:30:47.0597 0x15f8 Scan finished
17:30:47.0597 0x15f8 ============================================================
17:30:47.0613 0x14a4 Detected object count: 0
17:30:47.0613 0x14a4 Actual detected object count: 0
|
|
18.01.2015, 19:43
| #6 |
| /// the machine /// TB-Ausbilder | Win 7 Resultate nach Rootscan Spybot, Microsoft safety scan, AVG Meldung Fund 1) MalSign.generic.712 Fund 2) MalSign.OpenCandy. 7AF hi, Scan mit Combofix
__________________ --> Win 7 Resultate nach Rootscan Spybot, Microsoft safety scan, AVG Meldung Fund 1) MalSign.generic.712 Fund 2) MalSign.OpenCandy. 7AF |
WARNUNG an die MITLESER: 
.
Linear-Darstellung
