28.01.2015, 17:06 | #1

Avast Rootkit

Hello,

Since yesterday I have been getting a message: "Rootkit found" (see screenshot). I followed the removal instructions and ran a full scan including a restart. Now that the PC has just been woken from hibernation, the message appeared again. The program "watchme" that is mentioned there has been on the PC since purchase and is not used by me.

FRST Logfile:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01 Ran by Olaf (administrator) on FREIZEITSPASS on 28-01-2015 14:18:57 Running from D:\Downloads Loaded Profiles: Olaf (Available profiles: Olaf) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (ICQ, LLC.) C:\Program Files (x86)\ICQ7.4\ICQ.exe (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe (ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe () C:\Mouse driver\mouse_driver.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-11-29] (Realtek Semiconductor) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [ACSW15DE] => C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [1135304 2012-12-17] (ACD Systems) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [uni mouse driver] => C:\Mouse driver\mouse_driver.exe [2972672 2011-11-09] () HKLM-x32\...\Run: [uni mouse driver tilt] => C:\Mouse driver\wh_exec.exe [147456 2010-10-05] () HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common 
Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKU\S-1-5-21-3492589866-2073817867-3983155500-1002\...\Run: [ICQ] => C:\Program Files (x86)\ICQ7.4\ICQ.exe [119608 2011-03-01] (ICQ, LLC.) HKU\S-1-5-21-3492589866-2073817867-3983155500-1002\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare) HKU\S-1-5-21-3492589866-2073817867-3983155500-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.) HKU\S-1-5-21-3492589866-2073817867-3983155500-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd) HKU\S-1-5-21-3492589866-2073817867-3983155500-1002\...\MountPoints2: {771b0796-963c-11e2-88b7-8c89a5ce07ee} - G:\NokiaPCIA_Autorun.exe Startup: C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a 
registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\f0eqc439.default-1406321414976 FF Homepage: hxxp://www.passatforum.com/forum/index.php FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3492589866-2073817867-3983155500-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Olaf\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-3492589866-2073817867-3983155500-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Olaf\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-23] Chrome: ======= CHR HomePage: Default -> CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Olaf\AppData\Local\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Olaf\AppData\Local\Google\Chrome\Application\40.0.2214.93\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\Olaf\AppData\Local\Google\Chrome\Application\40.0.2214.93\pdf.dll () CHR Plugin: (ProductName) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhejngphiacapbgllhagbpdkkdieeaej\1.4_0\NPIP2Country.dll (CompanyName) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\Olaf\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Profile: C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-23] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04] CHR Extension: (YouTube) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-23] CHR Extension: (Google-Suche) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-23] CHR Extension: (IP-Address) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghlojgpiinfelppegaabbiphgomaidml [2012-12-23] CHR Extension: (AdBlock) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-12-23] CHR Extension: (Tabs to the front!) 
- C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla [2012-12-29] CHR Extension: (Downloads) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2012-12-24] CHR Extension: (Chrome Flags) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhejngphiacapbgllhagbpdkkdieeaej [2012-12-23] CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2012-12-24] CHR Extension: (Clickable Links) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp [2014-05-30] CHR Extension: (RedBull Stratos) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkdcillehlgfleogocdlkbidmhmdcond [2014-07-25] CHR Extension: (Google Wallet) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (AutoZoom) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdkpkoaonnchdakgkmmcmnihhhgbjch [2014-01-21] CHR Extension: (Google Mail) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-23] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-28] StartMenuInternet: Google Chrome.7NVG545WAHBACEDD3OIOVFFDXY - C:\Users\Olaf\AppData\Local\Google\Chrome\Application\chrome.exe hxxp://istart.webssearches.com/?type=sc&ts=1406317275&from=exp&uid=ST2000DL003-9VT166_5YD869RSXXXX5YD869RS ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-28] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-28] (Avast Software) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-01-20] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software) S4 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 Crypkey License; crypserv.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-28] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-28] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-28] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-28] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-28] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-28] () S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed] S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed] S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed] S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed] S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) 
[File not signed] S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-07-25] () S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-28] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] () R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-12-14] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2013-12-14] (Acronis International GmbH) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software) S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90928 2012-03-01] (Windows (R) 2000 DDK provider) S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [632752 2012-03-01] (Paragon) S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [379696 2012-03-01] (Paragon) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-28] (Avast Software) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-12-14] (Acronis International GmbH) R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294232 2012-12-30] (Microsoft Corporation) S3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [10368 2009-09-16] () S3 whfltr2k; C:\Windows\SysWOW64\DRIVERS\whfltr2k.sys [10368 2009-09-16] () S1 NetworkX; \SystemRoot\system32\ckldrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-28 14:14 - 2015-01-28 14:14 - 00001739 _____ () C:\Users\Olaf\Desktop\JRT.txt 2015-01-28 13:55 - 2015-01-28 13:55 - 00000000 ____D () C:\Windows\ERUNT 2015-01-28 13:16 - 2015-01-28 13:16 - 00000197 _____ () C:\Windows\system32\2015-01-28-12-16-36.008-AvastVBoxSVC.exe-4748.log 2015-01-28 11:46 - 2015-01-28 14:18 - 00000000 ____D () C:\FRST 2015-01-28 04:39 - 2015-01-28 04:39 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-28 04:38 - 2015-01-28 04:38 - 00000197 _____ () C:\Windows\system32\2015-01-28-03-38-31.019-AvastVBoxSVC.exe-5332.log 2015-01-28 04:22 - 2015-01-28 04:22 - 00000197 _____ () C:\Windows\system32\2015-01-28-03-22-43.053-AvastVBoxSVC.exe-3432.log 2015-01-28 03:25 - 2015-01-28 03:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-01-27 21:09 - 2015-01-27 21:09 - 00000197 _____ () C:\Windows\system32\2015-01-27-20-09-08.004-AvastVBoxSVC.exe-5160.log 2015-01-27 18:59 - 2015-01-27 18:59 - 00000197 _____ () C:\Windows\system32\2015-01-27-17-59-21.075-AvastVBoxSVC.exe-4416.log 2015-01-27 18:56 - 2015-01-28 13:14 - 00000840 _____ () C:\Windows\setupact.log 2015-01-27 18:56 - 2015-01-28 13:11 - 00003596 _____ () C:\Windows\PFRO.log 2015-01-27 18:56 - 2015-01-27 18:56 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-15 04:30 - 2015-01-15 04:30 - 00000000 __SHD () C:\Users\Olaf\AppData\Local\EmieBrowserModeList 2015-01-15 04:18 - 2015-01-15 04:18 - 00000197 _____ () C:\Windows\system32\2015-01-15-03-18-21.014-AvastVBoxSVC.exe-3436.log 2015-01-14 14:30 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 14:29 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 14:29 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) 
C:\Windows\system32\ntoskrnl.exe 2015-01-14 14:29 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 14:29 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-14 14:29 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 14:29 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 14:29 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 14:29 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 14:29 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 14:29 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 14:29 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 14:29 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-01 17:09 - 2015-01-01 17:09 - 00004185 _____ () C:\Users\Olaf\Desktop\Einsätze in 2015.lnk 2014-12-31 15:52 - 2014-12-31 15:52 - 00000197 _____ () C:\Windows\system32\2014-12-31-14-52-34.054-AvastVBoxSVC.exe-4992.log ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-01-28 14:16 - 2012-12-23 15:53 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3492589866-2073817867-3983155500-1002UA.job 2015-01-28 14:15 - 2012-12-19 22:32 - 00000000 ____D () C:\Users\Olaf\AppData\Roaming\Skype 2015-01-28 13:24 - 2012-12-19 19:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-28 13:21 - 2014-07-25 22:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-28 13:21 - 2013-05-22 11:41 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-28 13:21 - 2009-07-14 05:45 - 00024576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-28 13:21 - 2009-07-14 05:45 - 00024576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-28 13:18 - 2012-12-19 19:21 - 01715659 _____ () C:\Windows\WindowsUpdate.log 2015-01-28 13:13 - 2013-05-22 11:41 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-28 13:13 - 2012-12-21 18:19 - 00000000 ____D () C:\Users\Olaf\AppData\Roaming\ICQ 2015-01-28 13:12 - 2012-02-22 15:34 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-28 13:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-28 04:39 - 2014-07-25 22:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-28 04:35 - 2012-12-23 20:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-01-28 04:32 - 2014-07-25 22:14 - 00000000 ____D () C:\AdwCleaner 2015-01-27 19:18 - 2012-12-23 15:54 - 00002364 _____ () C:\Users\Olaf\Desktop\Google Chrome.lnk 2015-01-27 18:56 - 2012-12-19 23:20 - 00000000 ____D () C:\Program Files\WinRAR 2015-01-26 20:25 - 2013-01-22 12:23 - 01601720 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-01-26 20:25 - 2011-05-16 15:04 - 00703028 _____ () C:\Windows\system32\perfh007.dat 2015-01-26 20:25 - 2011-05-16 15:04 - 00150968 _____ () C:\Windows\system32\perfc007.dat 2015-01-26 20:25 - 2009-07-14 06:13 - 01601720 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-26 20:17 - 2013-06-07 22:19 - 00000000 ___HD () C:\Users\Olaf\Desktop\[Originaldateien] 2015-01-26 20:16 - 2012-12-23 15:53 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3492589866-2073817867-3983155500-1002Core.job 2015-01-25 19:24 - 2012-12-19 19:53 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-25 19:24 - 2012-12-19 19:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-25 19:24 - 2011-12-01 22:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-24 20:15 - 2012-12-21 23:44 - 00000000 ____D () C:\Users\Olaf\AppData\Roaming\vlc 2015-01-24 12:24 - 2012-12-19 22:35 - 00000000 ____D () C:\Users\Olaf\AppData\Roaming\TeamViewer 2015-01-23 20:50 - 2012-12-19 23:20 - 00000000 ____D () C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-23 20:50 - 2012-12-19 23:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-01-22 17:41 - 2013-05-08 12:02 - 00000786 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2015-01-22 17:41 - 2013-05-08 12:02 - 00000000 ____D () C:\Program Files\CCleaner 2015-01-17 12:48 - 2013-01-03 22:02 - 00000000 ____D () C:\VueScan 2015-01-15 04:30 - 2012-12-20 16:42 - 00000000 ____D () C:\Users\Olaf\AppData\Local\Adobe 
2015-01-14 15:42 - 2013-08-15 15:10 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-14 15:38 - 2011-07-18 21:31 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-14 14:18 - 2012-12-19 22:32 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-14 14:17 - 2012-12-19 22:32 - 00000000 ____D () C:\ProgramData\Skype 2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-12-31 15:45 - 2012-12-19 19:22 - 00000000 ____D () C:\Users\Olaf ==================== Files in the root of some directories ======= 2014-04-04 14:56 - 2014-04-04 14:57 - 0004608 _____ () C:\Users\Olaf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-03-27 16:08 - 2014-03-27 16:08 - 0000017 _____ () C:\Users\Olaf\AppData\Local\resmon.resmoncfg 2012-12-20 00:36 - 2012-12-20 00:36 - 0017408 _____ () C:\Users\Olaf\AppData\Local\WebpageIcons.db Some content of TEMP: ==================== C:\Users\Olaf\AppData\Local\Temp\Quarantine.exe C:\Users\Olaf\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-25 18:48

==================== End Of Log ============================ |
28.01.2015, 17:09 | #2 |
| Avast Rootkit AdwCleaner ran through ... with no result
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01 Ran by Olaf at 2015-01-28 14:19:32 Running from D:\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ACDSee 15 (HKLM-x32\...\{B580C89C-F7F8-4A78-BAF0-5560C6E9E76D}) (Version: 15.2.212 - ACD Systems International Inc.) Acronis True Image 2014 (HKLM-x32\...\{D1CBB979-E0F5-464C-ACCB-4071078DA04A}Visible) (Version: 17.0.6614 - Acronis) Acronis True Image 2014 (x32 Version: 17.0.6614 - Acronis) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Advanced Archive Password Recovery (HKU\S-1-5-21-3492589866-2073817867-3983155500-1002\...\Advanced Archive Password Recovery) (Version: 4.53 - ElcomSoft Co. Ltd.) 
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden ArcSoft PhotoBase 3 (HKLM-x32\...\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}) (Version: - ) ArcSoft PhotoStudio 5 (HKLM-x32\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version: - ) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.9.0 - Asmedia Technology) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) Canon iP4700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden DruckStudio DeLuxe (HKLM-x32\...\{5183F61E-008C-43F3-BF5C-5655EE1773AA}) (Version: - ) DxO Optics Pro 8 (HKLM\...\{7290A2BE-EB61-42F1-A9F9-C0B274559795}) (Version: 8.1.2 - DxO Labs) ETKA (HKLM-x32\...\ETKA) (Version: - ) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden 
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKU\S-1-5-21-3492589866-2073817867-3983155500-1002\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.) Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden ICQ 7.4 Build #4629 Banner Remover 1.0 (HKLM-x32\...\{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1) (Version: - murb.com) ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) Java(TM) 7 Update 3 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417003FF}) (Version: 7.0.30 - Oracle) Java(TM) 7 Update 3 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217003FF}) (Version: 7.0.30 - Oracle) JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave 
(HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) KONZ-Steuer-2014 (HKLM-x32\...\InstallShield_{20F1078B-E3B6-4DA1-9570-003DE110890A}) (Version: 1.00.0000 - USM) KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Virtual PC 2007 (HKLM\...\{8A7CAA24-7B23-410B-A7C3-F994B0944160}) (Version: 6.0.156.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation) Mouse driver v1.0 (HKLM-x32\...\uni mouse driver) (Version: - ) Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 
(KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-3492589866-2073817867-3983155500-1002\...\MyFreeCodec) (Version: - ) Nero 9 (HKLM-x32\...\{659b9250-8b47-4db4-ae6c-fef46bca0081}) (Version: - Nero AG) Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) PC Connectivity Solution (HKLM-x32\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia) PdaNet+ for Android 4.12 (HKLM-x32\...\PdaNet_is1) (Version: - June Fabrics Technology Inc) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (x32 Version: 
15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6516 - Realtek Semiconductor Corp.) SAMSUNG CDMA Modem Driver Set (HKLM-x32\...\SAMSUNG CDMA Modem) (Version: - ) SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH) TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.17396 - TeamViewer) TKexe designer (HKU\S-1-5-21-3492589866-2073817867-3983155500-1002\...\c4db908bc0b92124) (Version: 2.0.1.14 - TKexe Printservice) TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.3000.132 - TuneUp Software) TuneUp Utilities 2013 (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update 
für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN) Volkswagen Passat Screensaver (HKLM-x32\...\Volkswagen Passat Screensaver) (Version: - ) VueScan (HKLM\...\VueScan) (Version: - ) watchmi (HKLM-x32\...\{F0559C5E-7912-4391-B1A0-6B975F0E5064}) (Version: 3.0.0 - Axel Springer Digital TV Guide GmbH) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) 
(HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wondershare MobileTrans ( Version 6.0.0 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 6.0.0 - Wondershare) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3492589866-2073817867-3983155500-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Olaf\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3492589866-2073817867-3983155500-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Olaf\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2013-12-02 20:20 - 00000822 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {04C2EA68-175A-4B8C-B8F8-A3503E9D06C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3492589866-2073817867-3983155500-1002Core => C:\Users\Olaf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-23] (Google Inc.) 
Task: {04FA5788-A97F-4D46-A2D3-B6A884F6B812} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-28] (AVAST Software) Task: {1518AD17-DD37-4600-9330-27F190BDE341} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {1961D9DA-1047-429A-9C1D-C4E9927CE7D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {1CC3F01A-651F-411B-9754-A2FE1D072DD6} - System32\Tasks\{642C6FC4-5E9C-4657-85B0-3297B28D497E} => pcalua.exe -a E:\SETUP.EXE -d E:\ Task: {30AA8587-0A3A-49F4-8B8E-E985A13AD30D} - System32\Tasks\{8472FB48-1842-4E9D-AD13-821C5FC14BAA} => C:\Program Files (x86)\Microsoft Virtual PC\Virtual PC.exe [2007-02-18] (Microsoft Corporation) Task: {315A09B9-F48F-4C8D-96E7-340BBBD4170D} - System32\Tasks\Google Updater and Installer => C:\Users\Olaf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-23] (Google Inc.) Task: {4B0D4422-8411-4AF1-9E83-1CB1F9E9A247} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3492589866-2073817867-3983155500-1002UA => C:\Users\Olaf\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-23] (Google Inc.) Task: {5A6B8A33-EBC6-4E1A-9FA0-36453D35E714} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22] (Google Inc.) 
Task: {5D430B80-2451-4C27-978E-6BEEC193FD0A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated) Task: {7306C649-C69D-41D5-A0A5-1BFE030F2EAD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated) Task: {963F394D-C072-44D1-8C9F-76D1310C52DC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {9CDD0A0B-B05D-4D81-A3B5-7D623A1738D3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {A084F183-36E5-4DF1-967D-97C8581C095D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-11-29] (TuneUp Software) Task: {A0927539-A737-44F6-AC85-FB2A8BE1B399} - System32\Tasks\{AEA7992C-F83B-45D8-938F-EEE92938A3C6} => pcalua.exe -a C:\Users\Olaf\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=exp <==== ATTENTION Task: {A2997D49-F095-40DB-8BFB-F7416E574FF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-05-22] (Google Inc.) 
Task: {A4C376A0-EFDD-4947-9CB9-ECD8D62721AA} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft) Task: {AB90D2E4-78AB-4A0B-9C22-0218A351483C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {E672C7D7-66D9-48E6-9887-77D7042541BA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3492589866-2073817867-3983155500-1002Core.job => C:\Users\Olaf\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3492589866-2073817867-3983155500-1002UA.job => C:\Users\Olaf\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-02-22 15:33 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-10-13 18:35 - 2013-04-22 09:46 - 01054320 _____ () C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe 2011-11-09 01:45 - 2011-11-09 01:45 - 02972672 _____ () C:\Mouse driver\mouse_driver.exe 2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2014-11-28 14:06 - 2014-11-28 14:06 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2014-11-28 14:06 - 2014-11-28 14:06 - 05851328 _____ () C:\Program 
Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2013-10-01 10:32 - 2013-10-01 10:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll 2015-01-28 11:34 - 2015-01-28 11:34 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012800\algo.dll 2014-11-28 14:06 - 2014-11-28 14:06 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2014-03-23 19:46 - 2011-08-31 14:39 - 00675840 _____ () C:\Windows\SysWOW64\ac3filter.ax 2014-09-25 14:11 - 2014-09-11 17:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2014-05-10 14:33 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2014-11-28 14:06 - 2014-11-28 14:06 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-10-24 17:06 - 2013-10-24 17:06 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll 2013-10-24 17:06 - 2013-10-24 17:06 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2013-10-10 12:02 - 2013-10-10 12:02 - 00013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll 2013-10-24 17:09 - 2013-10-24 17:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2012-02-22 22:53 - 2012-01-20 04:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL 2015-01-27 19:18 - 2015-01-25 07:08 - 01117512 _____ () 
C:\Users\Olaf\AppData\Local\Google\Chrome\Application\40.0.2214.93\libglesv2.dll 2015-01-27 19:17 - 2015-01-25 07:08 - 00211272 _____ () C:\Users\Olaf\AppData\Local\Google\Chrome\Application\40.0.2214.93\libegl.dll 2015-01-27 19:18 - 2015-01-25 07:08 - 09170760 _____ () C:\Users\Olaf\AppData\Local\Google\Chrome\Application\40.0.2214.93\pdf.dll 2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:D5FBE8F9 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-3492589866-2073817867-3983155500-500 - Administrator - Disabled) Gast (S-1-5-21-3492589866-2073817867-3983155500-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3492589866-2073817867-3983155500-1003 - Limited - Enabled) Olaf (S-1-5-21-3492589866-2073817867-3983155500-1002 - Administrator - Enabled) => C:\Users\Olaf ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= Error: (10/22/2013 02:48:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 50 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/29/2013 03:38:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/29/2013 03:38:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/29/2013 03:37:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 71 seconds with 60 seconds of active time. This session ended with a crash. 
Error: (12/19/2012 10:53:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 42 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/19/2012 09:56:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 957 seconds with 360 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2015-01-28 13:14:12.861
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-28 13:14:12.721
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-28 04:36:05.574
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-28 04:36:05.144
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-28 04:19:15.005
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-28 04:19:14.896
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-27 21:05:28.570
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-27 21:05:28.398
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-27 18:58:48.865
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-01-27 18:58:48.715
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 41%
Total physical RAM: 6110.91 MB
Available physical RAM: 3566.01 MB
Total Pagefile: 12220.01 MB
Available Pagefile: 9389.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:511.38 GB) (Free:419.1 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1350.54 GB) (Free:1073.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 525C06AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=511.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1350.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Olaf on 28.01.2015 at 14:11:32,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3492589866-2073817867-3983155500-1002\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Empty Folder] C:\Users\Olaf\appdata\local\{19428EF9-4165-4847-ABFE-58B3894E7D41}
Successfully deleted: [Empty Folder] C:\Users\Olaf\appdata\local\{2EA55F5F-A43A-41EB-AF63-46772A13DB21}
Successfully deleted: [Empty Folder] C:\Users\Olaf\appdata\local\{FB78FFE3-F985-4D60-9CA6-3EB65D9E8B01}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.01.2015 at 14:14:41,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks |
28.01.2015, 17:15 | #3 |
/// the machine /// TB-Ausbilder | Avast Rootkit hi,
Please download TDSSKiller.exe and save this file to the desktop.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
28.01.2015, 17:28 | #4 |
| Avast Rootkit Code:
17:20:07.0964 0x1328 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:20:15.0655 0x1328 ============================================================
17:20:15.0655 0x1328 Current date / time: 2015/01/28 17:20:15.0655
17:20:15.0655 0x1328 SystemInfo:
17:20:15.0655 0x1328
17:20:15.0655 0x1328 OS Version: 6.1.7601 ServicePack: 1.0
17:20:15.0655 0x1328 Product type: Workstation
17:20:15.0655 0x1328 ComputerName: FREIZEITSPASS
17:20:15.0655 0x1328 UserName: Olaf
17:20:15.0655 0x1328 Windows directory: C:\Windows
17:20:15.0655 0x1328 System windows directory: C:\Windows
17:20:15.0655 0x1328 Running under WOW64
17:20:15.0655 0x1328 Processor architecture: Intel x64
17:20:15.0655 0x1328 Number of processors: 4
17:20:15.0655 0x1328 Page size: 0x1000
17:20:15.0655 0x1328 Boot type: Normal boot
17:20:15.0655 0x1328 ============================================================
17:20:16.0015 0x1328 KLMD registered as C:\Windows\system32\drivers\34757659.sys
17:20:16.0435 0x1328 System UUID: {23B0B2E5-62B7-143A-CBE6-069CDE429F4E}
17:20:16.0895 0x1328 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:20:16.0915 0x1328 ============================================================
17:20:16.0915 0x1328 \Device\Harddisk0\DR0:
17:20:16.0915 0x1328 MBR partitions:
17:20:16.0915 0x1328 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:20:16.0915 0x1328 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3FEC1791
17:20:16.0915 0x1328 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3FEF3F98, BlocksNum 0xA8D14068
17:20:16.0915 0x1328 ============================================================
17:20:16.0935 0x1328 C: <-> \Device\Harddisk0\DR0\Partition2
17:20:16.0975 0x1328 D: <-> \Device\Harddisk0\DR0\Partition3
17:20:16.0975 0x1328
] hidserv C:\Windows\system32\hidserv.dll 17:20:38.0219 0x1d0c hidserv - ok 17:20:38.0259 0x1d0c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:20:38.0259 0x1d0c HidUsb - ok 17:20:38.0309 0x1d0c [ FCE2251FE4464DCAA2F4684F19A8EE9B, 8062CD636DEFA8E160427BC2C61BC5C0DAA5396E16ABE9353B27C217FDE70B04 ] hitmanpro37 C:\Windows\system32\drivers\hitmanpro37.sys 17:20:38.0309 0x1d0c hitmanpro37 - ok 17:20:38.0329 0x1d0c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:20:38.0329 0x1d0c hkmsvc - ok 17:20:38.0349 0x1d0c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:20:38.0349 0x1d0c HomeGroupListener - ok 17:20:38.0369 0x1d0c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:20:38.0379 0x1d0c HomeGroupProvider - ok 17:20:38.0399 0x1d0c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:20:38.0399 0x1d0c HpSAMD - ok 17:20:38.0429 0x1d0c [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 17:20:38.0439 0x1d0c HTCAND64 - ok 17:20:38.0459 0x1d0c [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 17:20:38.0469 0x1d0c htcnprot - ok 17:20:38.0479 0x1d0c [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32 C:\Windows\system32\DRIVERS\HtcVComV64.sys 17:20:38.0489 0x1d0c HtcVCom32 - ok 17:20:38.0509 0x1d0c [ 
0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:20:38.0519 0x1d0c HTTP - ok 17:20:38.0529 0x1d0c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:20:38.0529 0x1d0c hwpolicy - ok 17:20:38.0549 0x1d0c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 17:20:38.0549 0x1d0c i8042prt - ok 17:20:38.0619 0x1d0c [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\Windows\system32\drivers\iaStor.sys 17:20:38.0639 0x1d0c iaStor - ok 17:20:38.0689 0x1d0c [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 17:20:38.0689 0x1d0c IAStorDataMgrSvc - ok 17:20:38.0719 0x1d0c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:20:38.0729 0x1d0c iaStorV - ok 17:20:38.0799 0x1d0c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:20:38.0819 0x1d0c idsvc - ok 17:20:38.0879 0x1d0c IEEtwCollectorService - ok 17:20:39.0038 0x1d0c [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 17:20:39.0228 0x1d0c igfx - ok 17:20:39.0258 0x1d0c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:20:39.0258 0x1d0c iirsp - ok 17:20:39.0308 0x1d0c [ 
344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 17:20:39.0328 0x1d0c IKEEXT - ok 17:20:39.0490 0x1d0c [ 483987354C1C2C2E67B82EA4A58C23A7, 7429C993DB67EDB48F16ACAA013E2D2AB5B934E94FD90273A50583201BD6E932 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 17:20:39.0610 0x1d0c IntcAzAudAddService - ok 17:20:39.0680 0x1d0c [ 7C76466F4E0F76CE259C6005D161E9E8, 19F3CCC3A86B68DB70B7608F9ED33746518F5B2450E5BAF9581127CE7A9AA5D2 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 17:20:39.0690 0x1d0c Intel(R) Capability Licensing Service Interface - ok 17:20:39.0760 0x1d0c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 17:20:39.0760 0x1d0c intelide - ok 17:20:39.0770 0x1d0c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:20:39.0780 0x1d0c intelppm - ok 17:20:39.0810 0x1d0c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:20:39.0820 0x1d0c IPBusEnum - ok 17:20:39.0830 0x1d0c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:20:39.0840 0x1d0c IpFilterDriver - ok 17:20:39.0901 0x1d0c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:20:39.0919 0x1d0c iphlpsvc - ok 17:20:39.0937 0x1d0c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:20:39.0947 0x1d0c IPMIDRV - ok 17:20:39.0957 0x1d0c [ 
AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:20:39.0957 0x1d0c IPNAT - ok 17:20:39.0977 0x1d0c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:20:39.0977 0x1d0c IRENUM - ok 17:20:39.0997 0x1d0c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:20:39.0997 0x1d0c isapnp - ok 17:20:40.0027 0x1d0c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:20:40.0037 0x1d0c iScsiPrt - ok 17:20:40.0067 0x1d0c [ D22982C269775BCBDDA8A0F82A9ADE9E, 26C19369F5F2B42C37F23842C5795FECEF21BC290968AABC9984502F0FD921DF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 17:20:40.0077 0x1d0c jhi_service - ok 17:20:40.0097 0x1d0c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:20:40.0097 0x1d0c kbdclass - ok 17:20:40.0117 0x1d0c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:20:40.0117 0x1d0c kbdhid - ok 17:20:40.0147 0x1d0c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 17:20:40.0147 0x1d0c KeyIso - ok 17:20:40.0167 0x1d0c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:20:40.0167 0x1d0c KSecDD - ok 17:20:40.0187 0x1d0c [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg 
C:\Windows\system32\Drivers\ksecpkg.sys 17:20:40.0187 0x1d0c KSecPkg - ok 17:20:40.0207 0x1d0c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:20:40.0207 0x1d0c ksthunk - ok 17:20:40.0237 0x1d0c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 17:20:40.0247 0x1d0c KtmRm - ok 17:20:40.0267 0x1d0c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:20:40.0277 0x1d0c LanmanServer - ok 17:20:40.0287 0x1d0c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:20:40.0297 0x1d0c LanmanWorkstation - ok 17:20:40.0317 0x1d0c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:20:40.0317 0x1d0c lltdio - ok 17:20:40.0337 0x1d0c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:20:40.0347 0x1d0c lltdsvc - ok 17:20:40.0357 0x1d0c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:20:40.0357 0x1d0c lmhosts - ok 17:20:40.0397 0x1d0c [ 5C08357C65F658E29B5DDC2EF18D575C, 80802787D7CD07BFB4F2EEE463837FB0CBB3626A2D5451B32794DB66A3CC3D98 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 17:20:40.0397 0x1d0c LMS - ok 17:20:40.0412 0x1d0c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:20:40.0422 0x1d0c LSI_FC - ok 17:20:40.0442 0x1d0c [ 1047184A9FDC8BDBFF857175875EE810, 
F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:20:40.0452 0x1d0c LSI_SAS - ok 17:20:40.0472 0x1d0c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 17:20:40.0472 0x1d0c LSI_SAS2 - ok 17:20:40.0502 0x1d0c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:20:40.0512 0x1d0c LSI_SCSI - ok 17:20:40.0522 0x1d0c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 17:20:40.0532 0x1d0c luafv - ok 17:20:40.0642 0x1d0c [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 17:20:40.0712 0x1d0c MBAMScheduler - ok 17:20:40.0752 0x1d0c [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 17:20:40.0752 0x1d0c MBAMSwissArmy - ok 17:20:40.0772 0x1d0c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:20:40.0772 0x1d0c Mcx2Svc - ok 17:20:40.0792 0x1d0c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 17:20:40.0792 0x1d0c megasas - ok 17:20:40.0812 0x1d0c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 17:20:40.0822 0x1d0c MegaSR - ok 17:20:40.0852 0x1d0c [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 
C:\Windows\system32\drivers\HECIx64.sys 17:20:40.0862 0x1d0c MEIx64 - ok 17:20:40.0912 0x1d0c [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 17:20:40.0912 0x1d0c Microsoft Office Groove Audit Service - ok 17:20:40.0932 0x1d0c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 17:20:40.0942 0x1d0c MMCSS - ok 17:20:40.0952 0x1d0c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 17:20:40.0952 0x1d0c Modem - ok 17:20:40.0972 0x1d0c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:20:40.0972 0x1d0c monitor - ok 17:20:41.0012 0x1d0c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:20:41.0012 0x1d0c mouclass - ok 17:20:41.0032 0x1d0c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:20:41.0042 0x1d0c mouhid - ok 17:20:41.0052 0x1d0c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:20:41.0062 0x1d0c mountmgr - ok 17:20:41.0112 0x1d0c [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:20:41.0122 0x1d0c MozillaMaintenance - ok 17:20:41.0142 0x1d0c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio 
C:\Windows\system32\drivers\mpio.sys 17:20:41.0152 0x1d0c mpio - ok 17:20:41.0172 0x1d0c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:20:41.0172 0x1d0c mpsdrv - ok 17:20:41.0212 0x1d0c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:20:41.0232 0x1d0c MpsSvc - ok 17:20:41.0252 0x1d0c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:20:41.0252 0x1d0c MRxDAV - ok 17:20:41.0272 0x1d0c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:20:41.0272 0x1d0c mrxsmb - ok 17:20:41.0292 0x1d0c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:20:41.0292 0x1d0c mrxsmb10 - ok 17:20:41.0302 0x1d0c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:20:41.0302 0x1d0c mrxsmb20 - ok 17:20:41.0322 0x1d0c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 17:20:41.0322 0x1d0c msahci - ok 17:20:41.0332 0x1d0c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:20:41.0342 0x1d0c msdsm - ok 17:20:41.0352 0x1d0c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 17:20:41.0352 0x1d0c MSDTC - ok 17:20:41.0352 0x1d0c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 
69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:20:41.0362 0x1d0c Msfs - ok 17:20:41.0372 0x1d0c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:20:41.0372 0x1d0c mshidkmdf - ok 17:20:41.0372 0x1d0c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:20:41.0372 0x1d0c msisadrv - ok 17:20:41.0392 0x1d0c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:20:41.0403 0x1d0c MSiSCSI - ok 17:20:41.0405 0x1d0c msiserver - ok 17:20:41.0415 0x1d0c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:20:41.0425 0x1d0c MSKSSRV - ok 17:20:41.0435 0x1d0c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:20:41.0435 0x1d0c MSPCLOCK - ok 17:20:41.0445 0x1d0c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:20:41.0445 0x1d0c MSPQM - ok 17:20:41.0465 0x1d0c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:20:41.0475 0x1d0c MsRPC - ok 17:20:41.0495 0x1d0c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 17:20:41.0505 0x1d0c mssmbios - ok 17:20:41.0515 0x1d0c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 
17:20:41.0515 0x1d0c MSTEE - ok 17:20:41.0525 0x1d0c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 17:20:41.0535 0x1d0c MTConfig - ok 17:20:41.0535 0x1d0c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 17:20:41.0545 0x1d0c Mup - ok 17:20:41.0575 0x1d0c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 17:20:41.0595 0x1d0c napagent - ok 17:20:41.0615 0x1d0c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:20:41.0625 0x1d0c NativeWifiP - ok 17:20:41.0675 0x1d0c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 17:20:41.0695 0x1d0c NDIS - ok 17:20:41.0715 0x1d0c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 17:20:41.0715 0x1d0c NdisCap - ok 17:20:41.0725 0x1d0c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:20:41.0725 0x1d0c NdisTapi - ok 17:20:41.0745 0x1d0c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:20:41.0745 0x1d0c Ndisuio - ok 17:20:41.0755 0x1d0c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:20:41.0765 0x1d0c NdisWan - ok 17:20:41.0775 0x1d0c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] 
NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:20:41.0785 0x1d0c NDProxy - ok 17:20:41.0785 0x1d0c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:20:41.0785 0x1d0c NetBIOS - ok 17:20:41.0805 0x1d0c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:20:41.0812 0x1d0c NetBT - ok 17:20:41.0824 0x1d0c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 17:20:41.0826 0x1d0c Netlogon - ok 17:20:41.0850 0x1d0c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 17:20:41.0860 0x1d0c Netman - ok 17:20:41.0900 0x1d0c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:20:41.0910 0x1d0c NetMsmqActivator - ok 17:20:41.0920 0x1d0c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:20:41.0920 0x1d0c NetPipeActivator - ok 17:20:41.0950 0x1d0c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 17:20:41.0970 0x1d0c netprofm - ok 17:20:41.0970 0x1d0c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:20:41.0980 0x1d0c NetTcpActivator - ok 17:20:41.0980 0x1d0c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:20:41.0980 0x1d0c NetTcpPortSharing - ok 17:20:41.0990 0x1d0c NetworkX - ok 17:20:42.0020 0x1d0c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:20:42.0020 0x1d0c nfrd960 - ok 17:20:42.0060 0x1d0c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 17:20:42.0070 0x1d0c NlaSvc - ok 17:20:42.0070 0x1d0c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:20:42.0070 0x1d0c Npfs - ok 17:20:42.0080 0x1d0c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 17:20:42.0090 0x1d0c nsi - ok 17:20:42.0090 0x1d0c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:20:42.0090 0x1d0c nsiproxy - ok 17:20:42.0130 0x1d0c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:20:42.0170 0x1d0c Ntfs - ok 17:20:42.0190 0x1d0c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 17:20:42.0200 0x1d0c Null - ok 17:20:42.0230 0x1d0c [ A85B4F2EF3A7304A5399EF0526423040, E45854691BA6AE36E53C2922CC93FF13DC2D84CBE7FE13A2F0B1CE1C16D1D158 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys 17:20:42.0250 0x1d0c NVENETFD - ok 17:20:42.0280 0x1d0c [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 17:20:42.0290 0x1d0c NVHDA - ok 17:20:42.0580 0x1d0c [ 2232AE1BB51A96A7381A2CA17DF12E24, 
4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 17:20:42.0840 0x1d0c nvlddmkm - ok 17:20:42.0950 0x1d0c [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 17:20:42.0980 0x1d0c NvNetworkService - ok 17:20:43.0010 0x1d0c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:20:43.0020 0x1d0c nvraid - ok 17:20:43.0040 0x1d0c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:20:43.0050 0x1d0c nvstor - ok 17:20:43.0110 0x1d0c [ A0D870DCE152EE5B92A41AD927201D19, 67FB025CB380D933BF0FDD4AFE9BE4E3C1D69A59865E02A96533BBE9EC260D71 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 17:20:43.0120 0x1d0c NvStreamKms - ok 17:20:43.0520 0x1d0c [ E5597D09E5239C0F908948DB7057AC26, A6045D4D9D2F8007B0F75DAAABB2AD9FEB4A898E33A51ECE9A9D788D8E8F84A4 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 17:20:43.0901 0x1d0c NvStreamSvc - ok 17:20:43.0971 0x1d0c [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc C:\Windows\system32\nvvsvc.exe 17:20:43.0981 0x1d0c nvsvc - ok 17:20:44.0011 0x1d0c [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 17:20:44.0011 0x1d0c nvvad_WaveExtensible - ok 17:20:44.0051 0x1d0c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:20:44.0051 0x1d0c nv_agp - ok 17:20:44.0111 0x1d0c [ 785F487A64950F3CB8E9F16253BA3B7B, 
02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 17:20:44.0131 0x1d0c odserv - ok 17:20:44.0141 0x1d0c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:20:44.0141 0x1d0c ohci1394 - ok 17:20:44.0161 0x1d0c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:20:44.0171 0x1d0c ose - ok 17:20:44.0201 0x1d0c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:20:44.0211 0x1d0c p2pimsvc - ok 17:20:44.0231 0x1d0c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 17:20:44.0241 0x1d0c p2psvc - ok 17:20:44.0261 0x1d0c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 17:20:44.0261 0x1d0c Parport - ok 17:20:44.0281 0x1d0c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:20:44.0291 0x1d0c partmgr - ok 17:20:44.0331 0x1d0c [ 446462BBA744DA60379574926FD51EAB, 4A79E8EF28670333F4733FA0016508DC88E9BDC566B455DA5EDEDC514612180A ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 17:20:44.0341 0x1d0c PassThru Service - ok 17:20:44.0351 0x1d0c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 17:20:44.0361 0x1d0c PcaSvc - ok 17:20:44.0401 0x1d0c [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] 
0x1d0c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:20:51.0578 0x1d0c Wlansvc - ok 17:20:51.0619 0x1d0c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 17:20:51.0622 0x1d0c wlcrasvc - ok 17:20:51.0691 0x1d0c [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:20:51.0724 0x1d0c wlidsvc - ok 17:20:51.0744 0x1d0c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:20:51.0745 0x1d0c WmiAcpi - ok 17:20:51.0764 0x1d0c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:20:51.0769 0x1d0c wmiApSrv - ok 17:20:51.0794 0x1d0c WMPNetworkSvc - ok 17:20:51.0814 0x1d0c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:20:51.0818 0x1d0c WPCSvc - ok 17:20:51.0831 0x1d0c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:20:51.0836 0x1d0c WPDBusEnum - ok 17:20:51.0862 0x1d0c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:20:51.0863 0x1d0c ws2ifsl - ok 17:20:51.0887 0x1d0c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 17:20:51.0892 0x1d0c wscsvc - ok 17:20:51.0895 0x1d0c WSearch - ok 17:20:51.0918 0x1d0c [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA, 
7EEB1B8F1430AFB06A18DC6107DBDD57EBBF473FF96F3578481EB89724823393 ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys 17:20:51.0922 0x1d0c wsvd - ok 17:20:52.0036 0x1d0c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 17:20:52.0086 0x1d0c wuauserv - ok 17:20:52.0129 0x1d0c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:20:52.0134 0x1d0c WudfPf - ok 17:20:52.0162 0x1d0c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:20:52.0166 0x1d0c WUDFRd - ok 17:20:52.0195 0x1d0c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:20:52.0200 0x1d0c wudfsvc - ok 17:20:52.0226 0x1d0c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 17:20:52.0233 0x1d0c WwanSvc - ok 17:20:52.0251 0x1d0c ================ Scan global =============================== 17:20:52.0261 0x1d0c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 17:20:52.0281 0x1d0c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:20:52.0291 0x1d0c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:20:52.0301 0x1d0c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 17:20:52.0329 0x1d0c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] 
C:\Windows\system32\services.exe 17:20:52.0335 0x1d0c [ Global ] - ok 17:20:52.0335 0x1d0c ================ Scan MBR ================================== 17:20:52.0335 0x1d0c [ 5D949EEA3BEEC2DF38A2D7900AD89A60 ] \Device\Harddisk0\DR0 17:20:53.0972 0x1d0c \Device\Harddisk0\DR0 - ok 17:20:53.0972 0x1d0c ================ Scan VBR ================================== 17:20:53.0974 0x1d0c [ 521BA6E06CF73128BB0825C3637A31E0 ] \Device\Harddisk0\DR0\Partition1 17:20:54.0051 0x1d0c \Device\Harddisk0\DR0\Partition1 - ok 17:20:54.0053 0x1d0c [ D7A2A743A952301EA3AA3D9B637C32CD ] \Device\Harddisk0\DR0\Partition2 17:20:54.0139 0x1d0c \Device\Harddisk0\DR0\Partition2 - ok 17:20:54.0141 0x1d0c [ 115E88C960E69EBA207384A41D376EE6 ] \Device\Harddisk0\DR0\Partition3 17:20:54.0174 0x1d0c \Device\Harddisk0\DR0\Partition3 - ok 17:20:54.0174 0x1d0c ================ Scan generic autorun ====================== 17:20:54.0256 0x1d0c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 17:20:54.0287 0x1d0c Sidebar - ok 17:20:54.0308 0x1d0c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 17:20:54.0312 0x1d0c mctadmin - ok 17:20:54.0348 0x1d0c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 17:20:54.0364 0x1d0c Sidebar - ok 17:20:54.0369 0x1d0c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 17:20:54.0372 0x1d0c mctadmin - ok 17:20:54.0440 0x1d0c [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 17:20:54.0461 0x1d0c Sidebar - ok 17:20:54.0505 0x1d0c [ 224A20C49D9C71F4B57E35201A28E42C, 
A426E6773ADB75E1CB20A7EAC33D85F7F4B90CCA334C45D63F56BEA29A89F7CF ] C:\Program Files (x86)\ICQ7.4\ICQ.exe 17:20:54.0507 0x1d0c ICQ - ok 17:20:54.0586 0x1d0c [ 8D8D9C8486CB29D01000BFFFE132780A, E1DD85E8CF029FA2F294A2E162838C0D5F11795338C4DE585FD3A0E58894F7C6 ] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe 17:20:54.0611 0x1d0c WSHelperSetup.exe - ok 17:20:54.0639 0x1d0c Skype - ok 17:20:54.0807 0x1d0c [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe 17:20:54.0905 0x1d0c CCleaner Monitoring - ok 17:20:54.0911 0x1d0c Waiting for KSN requests completion. In queue: 82 17:20:55.0916 0x1d0c Waiting for KSN requests completion. In queue: 82 17:20:56.0924 0x1d0c Waiting for KSN requests completion. In queue: 82 17:20:57.0987 0x1d0c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated ) 17:20:57.0990 0x1d0c Win FW state via NFP2: enabled 17:21:00.0789 0x1d0c ============================================================ 17:21:00.0789 0x1d0c Scan finished 17:21:00.0789 0x1d0c ============================================================ 17:21:00.0789 0x1f24 Detected object count: 0 17:21:00.0789 0x1f24 Actual detected object count: 0 17:21:40.0885 0x1128 Deinitialize success |
28.01.2015, 17:42 | #5 |
| Avast Rootkit Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.17501
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 3.093000 GHz
Memory total: 6407757824, free: 3744739328
=======================================
Initializing...
Done!
Scan started
Database versions:
main: v2014.11.18.05
rootkit: v2014.11.12.01
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished |
28.01.2015, 18:52 | #6 |
/// the machine /// TB instructor | Avast Rootkit Please have the file that Avast is complaining about checked at VirusTotal. Checking files online for viruses - how it works - Guides
|
29.01.2015, 05:23 | #7 |
| Avast Rootkit I had already done that, with no result: https://www.virustotal.com/de/file/256cf5427706912090abe67e7eaab09fee6692a610839baee233cfc403702b9c/analysis/ The mbas log above is IMHO not really the right one ... it somehow went too fast for me. Attached is a new one ... I will do a restart and another run later, since another scanner is running right now. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 28.01.2015
Scan Time: 17:51:51
Logfile: mbas.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.28.07
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Olaf
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 596029
Time Elapsed: 1 hr, 31 min, 59 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0 (No malicious items detected)
Modules: 0 (No malicious items detected)
Registry Keys: 0 (No malicious items detected)
Registry Values: 0 (No malicious items detected)
Registry Data: 0 (No malicious items detected)
Folders: 0 (No malicious items detected)
Files: 1
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir, Quarantined, [b7101ce0deaba393fb5b3cae7a8754ac],
Physical Sectors: 0 (No malicious items detected)
(end)
Just did a restart. The Avast message about a found rootkit still appears. The mbas log after this restart will follow at midday today. |
29.01.2015, 12:12 | #8 |
/// the machine /// TB instructor | Avast Rootkit False alarm from Avast.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
29.01.2015, 13:10 | #9 |
| Avast Rootkit Thank you very much. How do I get rid of the annoying message after every restart? Uninstall the program in question? I don't use it anyway. |
29.01.2015, 17:24 | #10 |
/// the machine /// TB instructor | Avast Rootkit Yes, or report it to Avast so that they can fix it
|
30.01.2015, 17:55 | #11 |
| Avast Rootkit I have deleted the program. |
31.01.2015, 11:27 | #12 |
/// the machine /// TB instructor | Avast Rootkit You're welcome
|