| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Tastertur schreibt rückwärts / Desktop spielt verrücktWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.01.2015, 17:13
| #1 |
| |  Tastertur schreibt rückwärts / Desktop spielt verrückt Guten Abend Zusammen, ich bin neu hier im Forum. Also bitte seit nicht ganz so streng mit mir :-) Ich habe folgendes Problem...nach unbestimmter Zeit spielt mein PC irgendwie verrückt. Wenn ich im Browser oder sonst wo etwas schreiben will, schreibe ich plötzlich alles rückwärts (von rechts nach links) quasi in Spiegelschrift. Weiterhin beobachte ich, das wenn ich irgendein Symbol auf dem Desktop anklicken,sich immer das Programm welches hinter dem in der Linken oberen Ecke befindliche Desktopsymbol verlinkt ist öffnet. Einige Downloads werden nicht vollständig abgeschlossen... Ich nutze Kaspersky, das Programm hat nichts gefunden. Ich habe bereits diverse andere Programme benutzt um meinen PC zu überprüfen. Kein Programm findet etwas... Was könnte das sein? Nach einem PC Neustart funktioniert dann meistens alles wieder nochmal bis auf unbestimmte Zeit. Ich hoffe Ihr habt einen Tipp für mich. Gruß Stefan |
|
29.01.2015, 17:53
| #2 |
| /// the machine /// TB-Ausbilder    | Tastertur schreibt rückwärts / Desktop spielt verrückt hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
29.01.2015, 18:20
| #3 |
| |  Tastertur schreibt rückwärts / Desktop spielt verrückt FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by Stefan (administrator) on STEFAN-PC on 29-01-2015 18:17:15
Running from F:\Downloads
Loaded Profiles: Stefan (Available profiles: Stefan)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Spotify Ltd) C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Mad Catz) C:\Program Files\Mad Catz\X-55 Rhino\X55_Rhino_Profiler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-11-05] (Realtek Semiconductor)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [X-55 Rhino] => C:\Program Files\Mad Catz\X-55 Rhino\X55_Rhino_Profiler.exe [86528 2014-04-11] (Mad Catz)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Run: [Spotify] => C:\Users\Stefan\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Run: [Spotify Web Helper] => C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\MountPoints2: {51d2c6ce-6504-11e4-b9d5-806e6f6e6963} - I:\DVDSetup.exe
HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\MountPoints2: {e4c72d55-6513-11e4-b495-806e6f6e6963} - I:\dvdcheck.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-304583724-483401485-1721918428-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\u6q5rc6m.default
FF Homepage: hxxp://www.google.de
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> H:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Media Hint - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\u6q5rc6m.default\Extensions\mediahint@jetpack.xpi [2014-11-18]
FF Extension: Password Exporter - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\u6q5rc6m.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2014-11-05]
FF Extension: Adblock Plus - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\u6q5rc6m.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-05]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-11-05]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-11-05]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-11-05]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 PAExec; C:\Windows\PAExec.exe [190464 2014-11-25] (Power Admin LLC) [File not signed]
S4 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SkypeUpdate; H:\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-11-20] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [818888 2014-11-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-11-20] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 Said2215; C:\Windows\System32\DRIVERS\Said2215.sys [25280 2014-03-06] (Saitek)
R3 Saida215; C:\Windows\System32\DRIVERS\Saida215.sys [25280 2014-03-06] (Saitek)
R3 SaiG2215; C:\Windows\System32\DRIVERS\SaiG2215.sys [179904 2014-03-06] (Saitek)
R3 SaiGa215; C:\Windows\System32\DRIVERS\SaiGa215.sys [179904 2014-03-06] (Saitek)
S3 SaiK0762; C:\Windows\System32\DRIVERS\SaiK0762.sys [179872 2014-08-05] (Saitek)
S3 SaiK0836; C:\Windows\System32\DRIVERS\SaiK0836.sys [131584 2008-09-12] (Saitek)
R3 SaiK2215; C:\Windows\System32\DRIVERS\SaiK2215.sys [179904 2014-03-06] (Saitek)
R3 SaiKa215; C:\Windows\System32\DRIVERS\SaiKa215.sys [179904 2014-03-06] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24040 2014-03-06] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [51560 2014-03-06] (Saitek)
S3 MSICDSetup; \??\I:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\I:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-29 18:17 - 2015-01-29 18:17 - 00000000 ____D () C:\FRST
2015-01-29 17:00 - 2015-01-29 17:04 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-29 16:57 - 2015-01-29 17:04 - 00000000 ____D () C:\Users\Stefan\Desktop\mbar
2015-01-27 08:38 - 2015-01-27 08:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-22 23:14 - 2015-01-22 23:19 - 00000000 ____D () C:\Users\Stefan\Desktop\Char
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\Users\Stefan\Documents\Simply Super Software
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Simply Super Software
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-01-22 22:39 - 2015-01-22 22:39 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-01-22 19:42 - 2015-01-22 19:42 - 00000518 _____ () C:\Users\Stefan\Downloads\LAPD.asx
2015-01-22 19:35 - 2015-01-22 19:35 - 00042983 _____ () C:\Users\Stefan\Downloads\handling.dat
2015-01-22 18:44 - 2015-01-22 18:44 - 00000000 ____D () C:\Users\Stefan\Downloads\1ChikamruRealTraffic
2015-01-22 18:43 - 2015-01-22 18:43 - 00433384 _____ () C:\Users\Stefan\Downloads\1ChikamruRealTraffic.rar
2015-01-22 18:41 - 2015-01-22 18:41 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Take-Two_Interactive_Soft
2015-01-22 18:34 - 2015-01-22 18:34 - 00642712 _____ (Microsoft Corporation) C:\Users\Stefan\Downloads\gfwlive35setup.exe
2015-01-22 18:34 - 2015-01-22 18:34 - 00000000 ____D () C:\Users\Stefan\Documents\Games for Windows - LIVE Demos
2015-01-22 18:34 - 2015-01-22 18:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-01-21 23:29 - 2015-01-21 23:29 - 00000201 _____ () C:\Users\Stefan\Desktop\Grand Theft Auto IV.url
2015-01-21 23:07 - 2015-01-21 23:07 - 00001338 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2015-01-21 22:57 - 2015-01-21 22:57 - 00000000 ____D () C:\Users\Stefan\Documents\Rockstar Games
2015-01-21 22:50 - 2015-01-21 22:50 - 00000000 __SHD () C:\ProgramData\SecuROM
2015-01-21 22:49 - 2015-01-22 18:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-01-21 22:49 - 2015-01-21 22:49 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2015-01-21 22:49 - 2015-01-21 22:49 - 00000000 __RHD () C:\Users\Stefan\AppData\Roaming\SecuROM
2015-01-21 22:49 - 2015-01-21 22:49 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2015-01-21 22:49 - 2015-01-21 22:49 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Rockstar Games
2015-01-21 21:41 - 2015-01-21 21:43 - 00000000 ____D () C:\AdwCleaner
2015-01-21 21:35 - 2015-01-29 17:00 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 21:35 - 2015-01-29 16:57 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-21 21:35 - 2015-01-21 21:35 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-21 21:35 - 2015-01-21 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-01-21 21:35 - 2015-01-21 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-21 21:35 - 2015-01-21 21:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-01-21 21:35 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-21 21:35 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-21 17:32 - 2015-01-21 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FsPassengersX
2015-01-20 22:08 - 2015-01-20 22:08 - 00001055 _____ () C:\Users\Stefan\Desktop\767-300 FSX Configuration Manager.lnk
2015-01-20 22:07 - 2015-01-20 22:07 - 00002048 _____ () C:\Windows\ld767fsx.lic
2015-01-20 15:32 - 2015-01-20 15:32 - 00003005 _____ () C:\Users\Stefan\Desktop\X-55 Rhino.lnk
2015-01-20 15:32 - 2015-01-20 15:32 - 00000000 ____D () C:\Program Files\Mad Catz
2015-01-20 13:46 - 2015-01-20 13:46 - 00000000 _____ () C:\Windows\system32\msi_drv_dmp.txt
2015-01-20 13:21 - 2015-01-20 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSDG
2015-01-19 23:10 - 2015-01-20 11:50 - 00001328 _____ () C:\FSUIPC_reg.bin
2015-01-19 22:34 - 2015-01-19 22:34 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyTampa
2015-01-19 21:53 - 2015-01-19 21:53 - 00000656 _____ () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2015-01-19 21:10 - 2015-01-19 21:10 - 00000061 ___SH () C:\Windows\cnerolf.dat
2015-01-19 21:08 - 2015-01-20 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software
2015-01-19 21:08 - 2015-01-19 21:08 - 00000879 _____ () C:\Users\Stefan\Desktop\767-300 Configuration Manager.lnk
2015-01-19 21:07 - 2015-01-19 21:07 - 00002048 _____ () C:\Windows\lvld67.lic
2015-01-19 10:05 - 2015-01-19 10:07 - 00000676 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall .lnk
2015-01-19 09:43 - 2015-01-19 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vasFMC MSFS Gauge
2015-01-19 01:08 - 2015-01-22 22:39 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-19 01:07 - 2015-01-19 01:07 - 00000199 _____ () C:\Users\Stefan\QualityWings_Ultimate 757 Collection.reg
2015-01-19 00:51 - 2015-01-19 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QualityWings
2015-01-19 00:39 - 2015-01-21 21:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-19 00:39 - 2015-01-19 00:42 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-19 00:39 - 2015-01-19 00:39 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-19 00:39 - 2015-01-19 00:39 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-19 00:39 - 2015-01-19 00:39 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-01-19 00:39 - 2015-01-19 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-19 00:39 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-01-19 00:19 - 2015-01-19 00:19 - 00000181 _____ () C:\Users\Stefan\FSDreamTeam_KLAS.reg
2015-01-19 00:14 - 2015-01-19 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlyTampa
2015-01-15 18:01 - 2015-01-15 18:01 - 00000648 _____ () C:\Users\Stefan\Desktop\FS Global Real Weather.lnk
2015-01-15 17:46 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-15 17:45 - 2015-01-15 17:45 - 00000884 _____ () C:\Users\Public\Desktop\AESHelp.lnk
2015-01-14 23:37 - 2015-01-14 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSNavigator for FS2004
2015-01-14 23:01 - 2015-01-14 23:01 - 00000185 _____ () C:\Users\Stefan\FlightBeam_San Francisco X.reg
2015-01-14 22:38 - 2015-01-14 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vasFMC FS2004 Gauge
2015-01-14 22:38 - 2015-01-14 22:38 - 00000000 ____D () C:\Panel
2015-01-14 20:13 - 2015-01-14 20:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2015-01-14 17:20 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:20 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 17:20 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 17:20 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 17:20 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 17:20 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 17:20 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 17:20 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 17:20 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:20 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:20 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 17:20 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 00:34 - 2015-01-14 00:34 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Synchro-Soft EA GP7200 Soundset
2015-01-14 00:34 - 2015-01-14 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synchro-Soft EA GP7200 Soundset
2015-01-13 23:48 - 2015-01-13 23:48 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\France VFR and FlightScenery
2015-01-13 23:48 - 2015-01-13 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\France VFR and FlightScenery
2015-01-13 23:19 - 2015-01-14 17:35 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\France VFR
2015-01-13 22:41 - 2015-01-13 22:41 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMS_FMMI07
2015-01-13 22:41 - 2015-01-13 22:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMS_FMMI07
2015-01-13 22:06 - 2015-01-28 15:58 - 00000000 ____D () C:\Users\Stefan\Documents\Flight Simulator-Dateien
2015-01-13 22:04 - 2015-01-28 15:58 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-13 22:04 - 2015-01-13 22:04 - 00000930 _____ () C:\Users\Stefan\Desktop\FS2004.lnk
2015-01-13 22:04 - 2015-01-13 22:04 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-01-13 20:00 - 2015-01-13 20:00 - 00000210 _____ () C:\Users\Stefan\Desktop\Neues Textdokument (2).txt
2015-01-09 17:44 - 2015-01-09 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&S Design EC135 X
2015-01-08 20:33 - 2015-01-08 20:33 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\4X_DATA
2015-01-07 19:23 - 2015-01-07 19:26 - 00000000 ____D () C:\Users\Stefan\Desktop\Motorflug Rechnung
2015-01-06 17:36 - 2015-01-27 08:25 - 00062976 _____ () C:\Users\Stefan\Desktop\Stundennachweis 2015.xls
2015-01-01 17:24 - 2015-01-01 17:24 - 00000000 ____D () C:\Users\Stefan\AppData\Local\VAFinancials
2014-12-31 16:52 - 2014-12-31 16:52 - 00000521 _____ () C:\Users\Stefan\Desktop\VAFS5.lnk
2014-12-31 16:52 - 2014-12-31 16:52 - 00000000 ___HD () C:\Program Files (x86)\InstallJammer Registry
2014-12-31 16:52 - 2014-12-31 16:52 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAFS5
2014-12-30 18:24 - 2014-12-30 18:24 - 00000533 _____ () C:\Users\Stefan\Desktop\vasFMC.lnk
2014-12-30 18:24 - 2014-12-30 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vasFMC
2014-12-30 18:00 - 2014-12-30 18:00 - 00000952 _____ () C:\Users\Public\Desktop\AESHelp for FSX.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-29 18:14 - 2014-12-02 19:44 - 00000925 _____ () C:\Users\Stefan\Desktop\FTX Central.lnk
2015-01-29 18:14 - 2014-11-25 17:22 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orbx
2015-01-29 18:12 - 2014-11-05 19:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-29 17:57 - 2014-11-05 17:12 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-01-29 17:19 - 2014-11-29 02:04 - 00000000 ____D () C:\Users\Stefan\Documents\Flight Simulator X-Dateien
2015-01-29 17:01 - 2011-04-12 08:43 - 02779976 _____ () C:\Windows\system32\perfh007.dat
2015-01-29 17:01 - 2011-04-12 08:43 - 00796182 _____ () C:\Windows\system32\perfc007.dat
2015-01-29 17:01 - 2009-07-14 06:13 - 00006474 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-29 17:01 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-29 17:01 - 2009-07-14 05:45 - 00031680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-29 16:57 - 2014-11-05 17:00 - 01534412 _____ () C:\Windows\WindowsUpdate.log
2015-01-29 16:56 - 2014-11-05 18:56 - 00006467 _____ () C:\Windows\SysWOW64\Gms.log
2015-01-29 16:55 - 2014-11-29 17:07 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Spotify
2015-01-29 16:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-29 16:54 - 2009-07-14 05:51 - 00184190 _____ () C:\Windows\setupact.log
2015-01-28 18:12 - 2014-12-01 20:48 - 00000000 ____D () C:\Users\Stefan\Documents\ProfileCache
2015-01-28 18:08 - 2014-12-01 20:48 - 00000000 ____D () C:\Users\Stefan\Documents\The Crew
2015-01-28 15:54 - 2014-11-05 19:13 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\TS3Client
2015-01-28 11:14 - 2014-11-27 12:28 - 00000000 ____D () C:\Users\Stefan\Documents\Plan-G Files
2015-01-28 09:45 - 2014-11-05 17:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 17:32 - 2014-11-06 00:27 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-27 17:09 - 2014-11-05 19:20 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-27 17:09 - 2014-11-05 19:20 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-27 17:09 - 2014-11-05 19:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-27 08:22 - 2014-11-29 17:08 - 00000000 ____D () C:\Users\Stefan\AppData\Local\Spotify
2015-01-22 22:27 - 2014-11-05 19:26 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\vlc
2015-01-21 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-21 22:49 - 2014-11-05 20:11 - 00706734 _____ () C:\Windows\DirectX.log
2015-01-21 22:49 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-21 22:16 - 2014-11-05 18:01 - 00019301 _____ () C:\Windows\IE11_main.log
2015-01-21 21:44 - 2010-11-21 04:47 - 00057208 _____ () C:\Windows\PFRO.log
2015-01-21 18:40 - 2014-12-28 23:45 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Skype
2015-01-20 22:08 - 2014-12-26 10:27 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software
2015-01-20 22:07 - 2014-11-05 21:27 - 00000000 ____D () C:\Flight One Software
2015-01-20 15:18 - 2014-11-06 22:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-01-19 23:04 - 2014-12-26 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimMarket
2015-01-19 17:22 - 2014-11-05 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2015-01-19 17:22 - 2014-11-05 17:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-19 09:06 - 2009-07-14 05:45 - 00302168 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-19 01:08 - 2014-11-05 17:02 - 00070232 _____ () C:\Users\Stefan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-19 01:07 - 2014-11-05 17:00 - 00000000 ____D () C:\Users\Stefan
2015-01-19 01:05 - 2014-11-05 22:16 - 00000000 ____D () C:\ProgramData\Esellerate
2015-01-15 18:06 - 2014-12-20 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IVAO
2015-01-15 00:36 - 2014-11-05 17:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 00:34 - 2014-11-05 17:20 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 17:35 - 2014-12-16 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\France VFR
2015-01-12 20:37 - 2014-11-05 23:54 - 00000000 ____D () C:\Users\Public\Documents\PFPX Data
2015-01-12 15:46 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-04 18:32 - 2014-12-16 15:07 - 00000000 ____D () C:\Users\Stefan\AppData\Roaming\RAASPRO
2015-01-04 16:37 - 2014-11-27 12:28 - 00000000 ____D () C:\Users\Stefan\AppData\Local\GMap.NET
2015-01-01 17:09 - 2014-11-24 18:26 - 00073216 _____ () C:\Users\Stefan\Desktop\Stundennachweis 2014 Bradtke.xls
==================== Files in the root of some directories =======
2014-11-05 17:07 - 2014-11-05 18:55 - 0000000 _____ () C:\Users\Stefan\AppData\Local\Driver_LOM_8161Present.flag
2014-11-27 12:28 - 2014-11-27 12:28 - 0000085 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Files to move or delete:
====================
C:\Users\Stefan\FlightBeam_San Francisco X.reg
C:\Users\Stefan\FSDreamTeam_GSX.reg
C:\Users\Stefan\FSDreamTeam_KLAS.reg
C:\Users\Stefan\QualityWings_Ultimate 757 Collection.reg
Some content of TEMP:
====================
C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Stefan\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Stefan\AppData\Local\Temp\Quarantine.exe
C:\Users\Stefan\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-27 09:52
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by Stefan at 2015-01-29 18:17:25
Running from F:\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
777 Immersion (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\00e2719abe02a8af) (Version: 1.0.0.27 - OldProp Solutions Inc)
A2A C172 Trainer for FSX (HKLM-x32\...\A2A C172 Trainer for FSX) (Version: - )
Active Sky Next for FSX SP1B (HKLM-x32\...\{F1AE1E08-5094-46AD-AA4D-670C482723B2}_is1) (Version: 1.0.5410.16208 - HiFi Technologies, Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{755DDD59-9690-4F1A-BE9C-D39BDCFA77C9}) (Version: 12.1.3.153 - Adobe Systems, Inc)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.20 - Aerosoft)
Aerosoft's - Airbus X Extended - FSX (HKLM-x32\...\Airbus X Extended - FSX) (Version: 1.16 - Aerosoft)
Aerosoft's - Diamond DA20-100 Katana 4X (HKLM-x32\...\{974BF461-4D2C-448A-B05B-502AEA41B7FB}) (Version: 1.04 - Aerosoft)
Aerosoft's - Huey X - FSX (HKLM-x32\...\Huey X - FSX) (Version: 1.20 - )
aerosoft's - Maldives X (HKLM-x32\...\{17BA8B2D-BF89-4D10-B9D1-1CC5F322A6BB}) (Version: 1.02 - aerosoft)
aerosoft's - Mega Airport Dublin - FS9 (HKLM-x32\...\{3BCDDB83-BC42-4AEF-BBDF-E928A8368817}) (Version: 1.00 - aerosoft)
aerosoft's - Mega Airport Paris CDG (HKLM-x32\...\{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}) (Version: 1.00 - aerosoft)
aerosoft's - Professional Flight Planner X (HKLM-x32\...\{1A5D2729-4A3B-4CD5-85C8-4896FD44B78D}) (Version: 1.18 - aerosoft)
Aerosoft's - Seychelles X - FSX (HKLM-x32\...\Seychelles X - FSX) (Version: 1.00 - Aerosoft)
Aerosoft's - Twin Otter X Extended - FSX (HKLM-x32\...\Twin Otter X Extended - FSX) (Version: 1.11 - Aerosoft)
Africa Greatest Airports Nairobi (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Africa Greatest Airports Nairobi) (Version: - )
Airports of REUNION (HKLM-x32\...\Airports of REUNION) (Version: - )
AivlaSoft EFB (HKLM-x32\...\AivlaSoft EFB) (Version: 1.5.1 - AivlaSoft GmbH)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
AMS_FMMI07 (HKLM-x32\...\AMS_FMMI07) (Version: - )
ASConnect for FSX Installer (HKLM-x32\...\{7E1270D4-42C4-49A4-9EC4-3300D2E47331}_is1) (Version: 1.0.5410.16224 - HiFi Technologies, Inc.)
Autogen REUNION (HKLM-x32\...\Autogen REUNION) (Version: - )
BDOaviation - Juanda FSX (HKLM-x32\...\FSX_BDOaviation_Juanda_FSX_is1) (Version: 1.0.0.0 - SimMarket)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version: - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version: - )
Carenado C208B Grand Caravan (HKLM-x32\...\Carenado C208B Grand Caravan) (Version: 1.00.00.00 - Carenado)
Death Valley (HKLM-x32\...\Death Valley) (Version: - )
Death Valley MESH (HKLM-x32\...\Death Valley MESH) (Version: - )
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
EZdok Camera for Microsoft Flight Simulator X (HKLM-x32\...\EZdok Camera for Microsoft Flight Simulator X) (Version: - )
Farming Simulator 15 (HKLM-x32\...\Steam App 313160) (Version: - Giants Software)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: - )
FlightBeam San Francisco International FS9 2.0.1 (HKLM-x32\...\FlightBeam San Francisco International FS9_is1) (Version: - )
FlightParis AutogenPack (HKLM-x32\...\FlightParis AutogenPack) (Version: - )
FlightParis BasePack (HKLM-x32\...\FlightParis BasePack) (Version: - )
FlightParis CityPack (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\FlightParis CityPack) (Version: - )
Flux Player (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Flux Player) (Version: 4.2.1.4214 - )
FS2Crew: Aerosoft Airbus X Button Control (HKLM-x32\...\FS2Crew: Aerosoft Airbus X Button Control) (Version: - )
FS2Crew: Emergency NGX! (HKLM-x32\...\FS2Crew: Emergency NGX!) (Version: - )
FS2Crew: PMDG 737 NGX Edition (HKLM-x32\...\FS2Crew: PMDG 737 NGX Edition) (Version: - )
FS2Crew: PMDG 777 (HKLM-x32\...\FS2Crew: PMDG 777) (Version: - )
FSDG's - Ayers Rock X - FSX (HKLM-x32\...\Ayers Rock X - FSX) (Version: 1.00 - FSDG)
FSDreamTeam GSX FSX (HKLM-x32\...\FSDreamTeam GSX FSX_is1) (Version: 1.9.0.3 - VIRTUALI Sagl)
FSDreamTeam Las Vegas McCarran FS9 1.1 (HKLM-x32\...\FSDreamTeam Las Vegas McCarran FS9_is1) (Version: - )
FSGenesis North America Terrain Mesh for FSX -- Eastern Rockies (HKLM-x32\...\North America Terrain Mesh for FSX -- Eastern Rockies2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- Northeast (HKLM-x32\...\North America Terrain Mesh for FSX -- Northeast2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- Plains (HKLM-x32\...\North America Terrain Mesh for FSX -- Plains2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- Southeast (HKLM-x32\...\North America Terrain Mesh for FSX -- Southeast2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- West Coast (HKLM-x32\...\North America Terrain Mesh for FSX -- West Coast2.0.0) (Version: 2.0.0 - FSGenesis)
FSGenesis North America Terrain Mesh for FSX -- Western Rockies (HKLM-x32\...\North America Terrain Mesh for FSX -- Western Rockies2.0.0) (Version: 2.0.0 - FSGenesis)
FSNavigator (HKLM-x32\...\{2F76FF6D-B992-4FD9-8686-F09F868B2C58}) (Version: 4.7 - FSNavigator team)
Grand Canyon & KGCN V2 (HKLM-x32\...\Grand Canyon & KGCN V2) (Version: - )
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Instant Scenery (HKLM-x32\...\instant scenery2) (Version: 2.03 - Flight1 Software)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{94A137EA-92EF-441C-A7E2-6757CC08EA82}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
IvAp v1.6.0 b2785 (HKLM-x32\...\IvAp_is1) (Version: - International Virtual Aviation Organisation VZW/ASBL)
IvAp v2.0.2 (build 2773) (HKLM-x32\...\IvAp-v2_is1) (Version: - IVAO)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
KLIA FSX (HKLM-x32\...\FSX_A_A_SCENERIES_KLIA_is1) (Version: 1.0.0.0 - SimMarket)
La Réunion FullHD (HKLM-x32\...\La Réunion FullHD) (Version: - )
Level-D 767-300 for FSX (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Level-D 767-300 for FSX) (Version: - )
Level-D Simulations 767-300 (HKLM-x32\...\Level-D Simulations 767-300) (Version: - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maps2Bgl 2.6b Beta FSX-Version (HKLM-x32\...\Maps2Bgl_X_is1) (Version: - Gunnar Daehling)
Mayotte (HKLM-x32\...\Mayotte) (Version: - )
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ESP SimConnect Client v1.0.20.0 (HKLM-x32\...\{C0A9FCC1-9725-4679-8AC2-FE501B139B63}) (Version: 1.0.20.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration SDK (HKLM-x32\...\{CF56984D-35C6-4ADB-9075-394978A427FB}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NavDataPro (HKLM-x32\...\NavDataPro) (Version: 1.0.2.0 - Aerosoft GmbH)
NEXTMesh France FSX (HKLM-x32\...\NEXTMesh France FSX) (Version: - )
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Overland - World Airlines (Airbus) (HKLM-x32\...\{BA62F8D6-D795-4CD2-BECF-C7DCC3508AC5}) (Version: 1.00.0000 - Overland Co.,Ltd.)
Overland - World Airlines for FSX (Airbus) (HKLM-x32\...\{CB71DCD9-6D02-4FB4-A81F-27415DA07007}) (Version: 1.00.0000 - Overland)
Plan-G v3.1.1 Version 3.1.1 (HKLM-x32\...\{BC13ABF2-2C08-42A6-A5C4-AFCE666ABE58}_is1) (Version: 3.1.1 - TA Studio)
PMDG 737 8900 NGX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.00.3219 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.10.6155 - PMDG Simulations, LLC.)
PMDG 777-300ER Expansion (HKLM-x32\...\{E65EFDE6-0864-40BA-8DDF-E31F736D9000}) (Version: 1.10.6155 - PMDG Simulations, LLC.)
PrecipitFX (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\ef10d9a45bf46eb5) (Version: 1.2.0.13 - OldProp Solutions Inc)
Prepar3D v2 Academic Bundle (x32 Version: 2.4.11570.0 - Lockheed Martin) Hidden
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
QualityWings Ultimate 757 Collection FS9 1.3 (HKLM-x32\...\QualityWings Ultimate 757 Collection FS9_is1) (Version: - )
RAAS Professional by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (LOCKED)) (Version: - )
RAAS Professional by FS2Crew (UNLOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (UNLOCKED)) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
REX 4 - Texture Direct with SP2 (HKLM-x32\...\{438D594B-17CF-4E9F-81AA-182B0A67D7B4}) (Version: 4.2.2014.0520 - REX Game Studios, LLC.)
REX Essential Plus (HKLM-x32\...\REX Essential Plus 3.2.2013.0415) (Version: 3.2.2013.0415 - REX Game Studios)
REX Essential Plus (x32 Version: 3.2.2013.0415 - REX Game Studios) Hidden
SBuilderX313 (HKLM-x32\...\{E947C6F0-20AD-4A8F-823F-ADC1251FBE45}) (Version: 3.1.3 - PTSim)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Spotify (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synchro-Soft EA GP7200 Soundset (HKLM-x32\...\Synchro-Soft EA GP7200 Soundset) (Version: - )
T2G Orlando International Airport (HKLM-x32\...\FS9_T2G_KMCO_FS9_is1) (Version: 1.0.0.0 - SimMarket)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft)
TOPCAT 2.74 Beta 1 - Take-Off and Landing Performance Calculation Tool (HKLM-x32\...\TOPCAT) (Version: 2.74 Beta 1 - FSS GmbH)
Trojan Remover 6.9.1 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1 - Simply Super Software)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VAFS5 (HKLM-x32\...\309E6243-31FB-434E-9FF5-9AFEB1542DAD) (Version: 5.1.1.20 - VAFINANCIALS)
vasFMC 1.10 (HKLM-x32\...\vasFMC_is1) (Version: - Alex Wemmer <alex@wemmer.at>)
vasFMC 2.0a9 (HKLM-x32\...\vasFMC FS2004 Gauge_is1) (Version: - VAS Project <contact@vas-project.org>)
vasFMC 2.1 (HKLM-x32\...\vasFMC MSFS Gauge_is1) (Version: - VAS Project <contact@vas-project.org>)
VHHH-FSX (HKLM-x32\...\T2G_VHHH_is1) (Version: 1.0.0.0 - SimMarket)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
vPilot (HKU\S-1-5-21-304583724-483401485-1721918428-1000\...\vPilot) (Version: 1.1.5365.23193 - Ross Carlson)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WSSS Singapore FSX (HKLM-x32\...\{2093D803-387A-47D8-B271-7B53CF2EBED3}) (Version: 1.0.0 - Imagine Simulation)
X-55 Rhino (HKLM\...\{0BE6604F-766C-46AF-92C8-D4DFD65FFEBE}) (Version: 7.0.33.91 - Mad Catz Inc)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
16-01-2015 18:48:12 Installiert Mega Airport Dublin - FS9
19-01-2015 01:11:12 Installed KATL Atlanta FS2004
19-01-2015 17:22:08 Installiert Mega Airport Paris CDG
19-01-2015 17:22:15 Installiert Mega Airport Paris CDG
20-01-2015 15:16:00 Removed Saitek DirectOutput 6.2.2.4
20-01-2015 15:17:45 Removed X-55 Rhino
21-01-2015 21:39:06 Windows Update
21-01-2015 22:01:44 Windows Update
21-01-2015 22:49:06 DirectX wurde installiert
21-01-2015 22:49:18 DirectX wurde installiert
21-01-2015 22:49:27 DirectX wurde installiert
21-01-2015 23:07:05 Installed Windows Live ID Sign-in Assistant
21-01-2015 23:07:12 Installed Microsoft Games for Windows - LIVE Redistributable
29-01-2015 14:16:07 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {14BE5C7E-7CEE-43AB-B27E-F59CBB641C60} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3C11E257-529F-442D-9123-93A1DA65F7B9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {A0256483-D1F8-49E6-BAF5-0375E2CD817D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-27] (Adobe Systems Incorporated)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {D7B2F413-9092-43A1-A522-0FCA32E325B0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {F62C351E-1321-4BD5-B0CA-CB104C0D35BD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-11-25 12:14 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-25 16:01 - 2014-08-25 16:01 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-08-25 16:01 - 2014-08-25 16:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-08-25 16:01 - 2014-08-25 16:01 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-25 16:01 - 2014-08-25 16:01 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-04-17 11:02 - 2014-04-17 11:02 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-04-11 14:50 - 2014-04-11 14:50 - 12533760 _____ () C:\Program Files\Mad Catz\X-55 Rhino\Pr0fileEditor_Forms.dll
2014-04-11 14:50 - 2014-04-11 14:50 - 00299008 _____ () C:\Program Files\Mad Catz\X-55 Rhino\de\Pr0fileEditor_Forms.resources.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2015-01-19 00:39 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-19 00:39 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-19 00:39 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-19 00:39 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-19 00:39 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-09-03 11:03 - 2014-09-03 11:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-01-27 08:38 - 2015-01-27 08:38 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-30 17:12 - 2014-11-20 15:38 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-08-30 17:12 - 2014-11-20 15:38 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-08-30 17:12 - 2014-11-20 15:38 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:A1D5C6AA
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:EFD9810A
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-304583724-483401485-1721918428-500 - Administrator - Disabled)
Gast (S-1-5-21-304583724-483401485-1721918428-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-304583724-483401485-1721918428-1002 - Limited - Enabled)
Stefan (S-1-5-21-304583724-483401485-1721918428-1000 - Administrator - Enabled) => C:\Users\Stefan
==================== Faulty Device Manager Devices =============
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/29/2015 04:54:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2015 04:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2015 04:30:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EZCA.exe, Version: 1.1.7.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: USP10.dll, Version: 1.626.7601.18454, Zeitstempel: 0x5359c2c9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00046147
ID des fehlerhaften Prozesses: 0xf14
Startzeit der fehlerhaften Anwendung: 0xEZCA.exe0
Pfad der fehlerhaften Anwendung: EZCA.exe1
Pfad des fehlerhaften Moduls: EZCA.exe2
Berichtskennung: EZCA.exe3
Error: (01/29/2015 03:54:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ASNext.exe, Version: 1.0.5410.16208, Zeitstempel: 0x544a85af
Name des fehlerhaften Moduls: mscorwks.dll, Version: 2.0.50727.5485, Zeitstempel: 0x53a121fa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001568cf
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xASNext.exe0
Pfad der fehlerhaften Anwendung: ASNext.exe1
Pfad des fehlerhaften Moduls: ASNext.exe2
Berichtskennung: ASNext.exe3
Error: (01/29/2015 03:54:45 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (61B6FB1E) (80131506).
Error: (01/29/2015 11:45:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (01/29/2015 11:45:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
System errors:
=============
Error: (01/29/2015 04:56:43 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/29/2015 04:54:52 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/29/2015 04:54:51 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/29/2015 04:52:28 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/29/2015 04:52:26 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/29/2015 11:42:04 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/29/2015 11:40:43 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/28/2015 09:54:13 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/28/2015 09:54:13 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Error: (01/28/2015 09:48:00 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422
Microsoft Office Sessions:
=========================
Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (01/29/2015 05:01:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (01/29/2015 04:54:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2015 04:52:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2015 04:30:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: EZCA.exe1.1.7.02a425e19USP10.dll1.626.7601.184545359c2c9c000000500046147f1401d03bd7eeb4e075C:\Program Files (x86)\EZCA\EZCA.exeC:\Windows\syswow64\USP10.dllc5ecab1c-a7cb-11e4-8d49-448a5bcc6b74
Error: (01/29/2015 03:54:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASNext.exe1.0.5410.16208544a85afmscorwks.dll2.0.50727.548553a121fac0000005001568cf
Error: (01/29/2015 03:54:45 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (61B6FB1E) (80131506).
Error: (01/29/2015 11:45:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (01/29/2015 11:45:56 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
CodeIntegrity Errors:
===================================
Date: 2014-12-12 12:29:55.923
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 12:29:55.922
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 12:28:24.404
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-12 12:28:24.353
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 17:23:26.772
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 17:23:26.772
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 17:23:26.772
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 17:23:26.757
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 17:22:55.650
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-11-12 17:22:55.588
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 9%
Total physical RAM: 32719.71 MB
Available physical RAM: 29694.96 MB
Total Pagefile: 65437.6 MB
Available Pagefile: 62112.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.66 GB) (Free:117.49 GB) NTFS
Drive d: (FSX1) (Fixed) (Total:465.63 GB) (Free:336.32 GB) NTFS
Drive e: (FSX2) (Fixed) (Total:1000 GB) (Free:997.86 GB) NTFS
Drive f: (Daten) (Fixed) (Total:1000 GB) (Free:834.28 GB) NTFS
Drive g: (Spiele) (Fixed) (Total:1000 GB) (Free:819.14 GB) NTFS
Drive h: (Programme) (Fixed) (Total:726.02 GB) (Free:699.15 GB) NTFS
Drive i: (FSX DISK 1) (CDROM) (Total:4.2 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: BC61B2CC)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 2 (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
Vielen Dank schonmal von mir! |
|
30.01.2015, 07:17
| #4 |
| /// the machine /// TB-Ausbilder | Tastertur schreibt rückwärts / Desktop spielt verrückt hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.01.2015, 12:32
| #5 |
| | Tastertur schreibt rückwärts / Desktop spielt verrücktCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org
Database version:
main: v2015.01.30.04
rootkit: v2015.01.14.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Stefan :: STEFAN-PC [administrator]
30.01.2015 12:22:01
mbar-log-2015-01-30 (12-22-01).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 355021
Time elapsed: 2 minute(s), 50 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 12:27:33.0162 0x17d4 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:27:33.0162 0x17d4 UEFI system
12:27:37.0269 0x17d4 ============================================================
12:27:37.0270 0x17d4 Current date / time: 2015/01/30 12:27:37.0269
12:27:37.0270 0x17d4 SystemInfo:
12:27:37.0270 0x17d4
12:27:37.0270 0x17d4 OS Version: 6.1.7601 ServicePack: 1.0
12:27:37.0270 0x17d4 Product type: Workstation
12:27:37.0270 0x17d4 ComputerName: STEFAN-PC
12:27:37.0270 0x17d4 UserName: Stefan
12:27:37.0270 0x17d4 Windows directory: C:\Windows
12:27:37.0270 0x17d4 System windows directory: C:\Windows
12:27:37.0270 0x17d4 Running under WOW64
12:27:37.0270 0x17d4 Processor architecture: Intel x64
12:27:37.0270 0x17d4 Number of processors: 4
12:27:37.0270 0x17d4 Page size: 0x1000
12:27:37.0270 0x17d4 Boot type: Normal boot
12:27:37.0270 0x17d4 ============================================================
12:27:37.0659 0x17d4 KLMD registered as C:\Windows\system32\drivers\63604021.sys
12:27:37.0773 0x17d4 System UUID: {13EF58B7-F087-AE2C-91C3-39BB211E1FAF}
12:27:38.0004 0x17d4 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:27:38.0006 0x17d4 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:27:38.0007 0x17d4 Drive \Device\Harddisk2\DR2 - Size: 0x3A3817D6000 ( 3726.02 Gb ), SectorSize: 0x200, Cylinders: 0x76C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:27:38.0010 0x17d4 ============================================================
12:27:38.0010 0x17d4 \Device\Harddisk0\DR0:
12:27:38.0010 0x17d4 GPT partitions:
12:27:38.0010 0x17d4 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {26FD35FB-3E0A-4EA7-9DCC-DF8D7C6D8476}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
12:27:38.0010 0x17d4 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9C6EBDD4-A772-4745-9B0A-BFE518EF9A3A}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
12:27:38.0010 0x17d4 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BDF3D2A5-D3B3-4D3F-AA28-1D96E10D36D4}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x1D153000
12:27:38.0010 0x17d4 MBR partitions:
12:27:38.0010 0x17d4 \Device\Harddisk1\DR1:
12:27:38.0010 0x17d4 GPT partitions:
12:27:38.0011 0x17d4 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {46AC8BAA-B994-4BBF-A3B4-20746B5DEF0A}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
12:27:38.0011 0x17d4 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C21F73DE-37AC-4052-B888-9CAC15D53FD1}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x3A345000
12:27:38.0011 0x17d4 MBR partitions:
12:27:38.0011 0x17d4 \Device\Harddisk2\DR2:
12:27:38.0011 0x17d4 GPT partitions:
12:27:38.0012 0x17d4 \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {81CC1217-19FC-4238-9CD6-E6672FC12A08}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x7D000000
12:27:38.0012 0x17d4 \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E0B081CF-7CDB-431D-8E8A-033A08C79BE1}, Name: Basic data partition, StartLBA 0x7D000800, BlocksNum 0x7D000000
12:27:38.0012 0x17d4 \Device\Harddisk2\DR2\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B33F83A0-7AE1-40BA-BEA4-AA80C3D5DEAA}, Name: Basic data partition, StartLBA 0xFA000800, BlocksNum 0x7D000000
12:27:38.0012 0x17d4 \Device\Harddisk2\DR2\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D88A3E33-296E-4C6F-830C-533EDB3E96AA}, Name: Basic data partition, StartLBA 0x177000800, BlocksNum 0x5AC0A800
12:27:38.0012 0x17d4 MBR partitions:
12:27:38.0012 0x17d4 ============================================================
12:27:38.0012 0x17d4 C: <-> \Device\Harddisk0\DR0\Partition3
12:27:38.0013 0x17d4 D: <-> \Device\Harddisk1\DR1\Partition2
12:27:38.0032 0x17d4 E: <-> \Device\Harddisk2\DR2\Partition1
12:27:38.0170 0x17d4 F: <-> \Device\Harddisk2\DR2\Partition2
12:27:38.0201 0x17d4 G: <-> \Device\Harddisk2\DR2\Partition3
12:27:38.0220 0x17d4 H: <-> \Device\Harddisk2\DR2\Partition4
12:27:38.0220 0x17d4 ============================================================
12:27:38.0221 0x17d4 Initialize success
12:27:38.0221 0x17d4 ============================================================
12:28:52.0905 0x1b98 ============================================================
12:28:52.0905 0x1b98 Scan started
12:28:52.0905 0x1b98 Mode: Manual; SigCheck; TDLFS;
12:28:52.0905 0x1b98 ============================================================
12:28:52.0905 0x1b98 KSN ping started
12:29:02.0492 0x1b98 KSN ping finished: true
12:29:03.0239 0x1b98 ================ Scan system memory ========================
12:29:03.0239 0x1b98 System memory - ok
12:29:03.0239 0x1b98 ================ Scan services =============================
12:29:03.0274 0x1b98 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:29:03.0312 0x1b98 1394ohci - ok
12:29:03.0321 0x1b98 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:29:03.0329 0x1b98 ACPI - ok
12:29:03.0331 0x1b98 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:29:03.0337 0x1b98 AcpiPmi - ok
12:29:03.0340 0x1b98 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:29:03.0345 0x1b98 AdobeARMservice - ok
12:29:03.0359 0x1b98 [ A2A9C100FE1BE20A76C0B80D4CA44103, C34B4A31C8563E29EC6A3D318C40075F43C891C23D156F53EE2102C959B7887F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:29:03.0365 0x1b98 AdobeFlashPlayerUpdateSvc - ok
12:29:03.0373 0x1b98 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:29:03.0382 0x1b98 adp94xx - ok
12:29:03.0388 0x1b98 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:29:03.0396 0x1b98 adpahci - ok
12:29:03.0399 0x1b98 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:29:03.0405 0x1b98 adpu320 - ok
12:29:03.0408 0x1b98 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:29:03.0424 0x1b98 AeLookupSvc - ok
12:29:03.0432 0x1b98 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:29:03.0443 0x1b98 AFD - ok
12:29:03.0446 0x1b98 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:29:03.0451 0x1b98 agp440 - ok
12:29:03.0453 0x1b98 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:29:03.0459 0x1b98 ALG - ok
12:29:03.0461 0x1b98 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:29:03.0465 0x1b98 aliide - ok
12:29:03.0467 0x1b98 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:29:03.0471 0x1b98 amdide - ok
12:29:03.0473 0x1b98 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:29:03.0478 0x1b98 AmdK8 - ok
12:29:03.0480 0x1b98 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:29:03.0486 0x1b98 AmdPPM - ok
12:29:03.0489 0x1b98 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:29:03.0494 0x1b98 amdsata - ok
12:29:03.0498 0x1b98 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:29:03.0505 0x1b98 amdsbs - ok
12:29:03.0506 0x1b98 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:29:03.0511 0x1b98 amdxata - ok
12:29:03.0513 0x1b98 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
12:29:03.0528 0x1b98 AppID - ok
12:29:03.0530 0x1b98 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:29:03.0545 0x1b98 AppIDSvc - ok
12:29:03.0547 0x1b98 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:29:03.0553 0x1b98 Appinfo - ok
12:29:03.0557 0x1b98 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
12:29:03.0564 0x1b98 AppMgmt - ok
12:29:03.0566 0x1b98 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:29:03.0571 0x1b98 arc - ok
12:29:03.0574 0x1b98 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:29:03.0579 0x1b98 arcsas - ok
12:29:03.0586 0x1b98 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:29:03.0592 0x1b98 aspnet_state - ok
12:29:03.0594 0x1b98 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:29:03.0608 0x1b98 AsyncMac - ok
12:29:03.0610 0x1b98 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:29:03.0614 0x1b98 atapi - ok
12:29:03.0624 0x1b98 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:29:03.0638 0x1b98 AudioEndpointBuilder - ok
12:29:03.0647 0x1b98 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:29:03.0660 0x1b98 AudioSrv - ok
12:29:03.0666 0x1b98 [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
12:29:03.0675 0x1b98 AVP15.0.1 - ok
12:29:03.0679 0x1b98 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:29:03.0687 0x1b98 AxInstSV - ok
12:29:03.0694 0x1b98 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:29:03.0704 0x1b98 b06bdrv - ok
12:29:03.0709 0x1b98 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:29:03.0717 0x1b98 b57nd60a - ok
12:29:03.0721 0x1b98 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:29:03.0727 0x1b98 BDESVC - ok
12:29:03.0728 0x1b98 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:29:03.0743 0x1b98 Beep - ok
12:29:03.0753 0x1b98 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:29:03.0766 0x1b98 BFE - ok
12:29:03.0769 0x1b98 [ 489F355FC5D33534195AA5E815146119, 85090C2C21353646952940D743C04C5BF1FF25CC565FE136644B565401A1C192 ] BfLwf C:\Windows\system32\DRIVERS\bflwfx64.sys
12:29:03.0774 0x1b98 BfLwf - ok
12:29:03.0785 0x1b98 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:29:03.0809 0x1b98 BITS - ok
12:29:03.0812 0x1b98 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:29:03.0818 0x1b98 blbdrive - ok
12:29:03.0820 0x1b98 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:29:03.0826 0x1b98 bowser - ok
12:29:03.0827 0x1b98 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:29:03.0833 0x1b98 BrFiltLo - ok
12:29:03.0835 0x1b98 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:29:03.0840 0x1b98 BrFiltUp - ok
12:29:03.0844 0x1b98 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:29:03.0851 0x1b98 Browser - ok
12:29:03.0856 0x1b98 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:29:03.0864 0x1b98 Brserid - ok
12:29:03.0867 0x1b98 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:29:03.0873 0x1b98 BrSerWdm - ok
12:29:03.0874 0x1b98 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:29:03.0880 0x1b98 BrUsbMdm - ok
12:29:03.0882 0x1b98 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:29:03.0886 0x1b98 BrUsbSer - ok
12:29:03.0888 0x1b98 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:29:03.0895 0x1b98 BTHMODEM - ok
12:29:03.0898 0x1b98 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:29:03.0913 0x1b98 bthserv - ok
12:29:03.0916 0x1b98 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:29:03.0931 0x1b98 cdfs - ok
12:29:03.0934 0x1b98 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:29:03.0941 0x1b98 cdrom - ok
12:29:03.0943 0x1b98 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:29:03.0958 0x1b98 CertPropSvc - ok
12:29:03.0960 0x1b98 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:29:03.0967 0x1b98 circlass - ok
12:29:03.0974 0x1b98 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:29:03.0982 0x1b98 CLFS - ok
12:29:03.0986 0x1b98 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:29:03.0990 0x1b98 clr_optimization_v2.0.50727_32 - ok
12:29:03.0994 0x1b98 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:29:03.0999 0x1b98 clr_optimization_v2.0.50727_64 - ok
12:29:04.0006 0x1b98 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:29:04.0012 0x1b98 clr_optimization_v4.0.30319_32 - ok
12:29:04.0015 0x1b98 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:29:04.0022 0x1b98 clr_optimization_v4.0.30319_64 - ok
12:29:04.0024 0x1b98 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:29:04.0029 0x1b98 CmBatt - ok
12:29:04.0031 0x1b98 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:29:04.0035 0x1b98 cmdide - ok
12:29:04.0039 0x1b98 [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w C:\Windows\system32\DRIVERS\cm_km_w.sys
12:29:04.0045 0x1b98 cm_km_w - ok
12:29:04.0052 0x1b98 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:29:04.0063 0x1b98 CNG - ok
12:29:04.0065 0x1b98 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:29:04.0069 0x1b98 Compbatt - ok
12:29:04.0071 0x1b98 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:29:04.0077 0x1b98 CompositeBus - ok
12:29:04.0078 0x1b98 COMSysApp - ok
12:29:04.0080 0x1b98 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:29:04.0085 0x1b98 crcdisk - ok
12:29:04.0089 0x1b98 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:29:04.0096 0x1b98 CryptSvc - ok
12:29:04.0104 0x1b98 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
12:29:04.0115 0x1b98 CSC - ok
12:29:04.0124 0x1b98 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
12:29:04.0137 0x1b98 CscService - ok
12:29:04.0145 0x1b98 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:29:04.0165 0x1b98 DcomLaunch - ok
12:29:04.0171 0x1b98 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:29:04.0189 0x1b98 defragsvc - ok
12:29:04.0191 0x1b98 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:29:04.0207 0x1b98 DfsC - ok
12:29:04.0212 0x1b98 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:29:04.0221 0x1b98 Dhcp - ok
12:29:04.0223 0x1b98 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:29:04.0238 0x1b98 discache - ok
12:29:04.0240 0x1b98 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:29:04.0245 0x1b98 Disk - ok
12:29:04.0247 0x1b98 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:29:04.0253 0x1b98 dmvsc - ok
12:29:04.0256 0x1b98 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:29:04.0263 0x1b98 Dnscache - ok
12:29:04.0268 0x1b98 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:29:04.0285 0x1b98 dot3svc - ok
12:29:04.0288 0x1b98 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:29:04.0304 0x1b98 DPS - ok
12:29:04.0306 0x1b98 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:29:04.0310 0x1b98 drmkaud - ok
12:29:04.0323 0x1b98 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:29:04.0338 0x1b98 DXGKrnl - ok
12:29:04.0341 0x1b98 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:29:04.0357 0x1b98 EapHost - ok
12:29:04.0394 0x1b98 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:29:04.0439 0x1b98 ebdrv - ok
12:29:04.0443 0x1b98 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
12:29:04.0449 0x1b98 EFS - ok
12:29:04.0459 0x1b98 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:29:04.0473 0x1b98 ehRecvr - ok
12:29:04.0476 0x1b98 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:29:04.0482 0x1b98 ehSched - ok
12:29:04.0490 0x1b98 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:29:04.0500 0x1b98 elxstor - ok
12:29:04.0502 0x1b98 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:29:04.0506 0x1b98 ErrDev - ok
12:29:04.0514 0x1b98 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:29:04.0533 0x1b98 EventSystem - ok
12:29:04.0537 0x1b98 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:29:04.0554 0x1b98 exfat - ok
12:29:04.0558 0x1b98 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:29:04.0575 0x1b98 fastfat - ok
12:29:04.0584 0x1b98 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:29:04.0598 0x1b98 Fax - ok
12:29:04.0600 0x1b98 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:29:04.0605 0x1b98 fdc - ok
12:29:04.0606 0x1b98 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:29:04.0621 0x1b98 fdPHost - ok
12:29:04.0623 0x1b98 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:29:04.0638 0x1b98 FDResPub - ok
12:29:04.0640 0x1b98 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:29:04.0645 0x1b98 FileInfo - ok
12:29:04.0647 0x1b98 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:29:04.0662 0x1b98 Filetrace - ok
12:29:04.0677 0x1b98 [ 73081CF28F0AE20A52CA4F67CEE6E6B0, 806C769F3638D25FF1892C7223E7250AA3B9F627DF3AD83BC5AE1FEF7016F86A ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:29:04.0692 0x1b98 FLEXnet Licensing Service - ok
12:29:04.0694 0x1b98 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:29:04.0700 0x1b98 flpydisk - ok
12:29:04.0705 0x1b98 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:29:04.0712 0x1b98 FltMgr - ok
12:29:04.0727 0x1b98 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:29:04.0747 0x1b98 FontCache - ok
12:29:04.0750 0x1b98 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:29:04.0754 0x1b98 FontCache3.0.0.0 - ok
12:29:04.0756 0x1b98 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:29:04.0761 0x1b98 FsDepends - ok
12:29:04.0763 0x1b98 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:29:04.0767 0x1b98 Fs_Rec - ok
12:29:04.0772 0x1b98 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:29:04.0779 0x1b98 fvevol - ok
12:29:04.0782 0x1b98 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:29:04.0786 0x1b98 gagp30kx - ok
12:29:04.0796 0x1b98 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:29:04.0820 0x1b98 gpsvc - ok
12:29:04.0823 0x1b98 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:29:04.0828 0x1b98 hcw85cir - ok
12:29:04.0833 0x1b98 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:29:04.0843 0x1b98 HdAudAddService - ok
12:29:04.0847 0x1b98 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:29:04.0855 0x1b98 HDAudBus - ok
12:29:04.0857 0x1b98 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:29:04.0861 0x1b98 HidBatt - ok
12:29:04.0864 0x1b98 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:29:04.0871 0x1b98 HidBth - ok
12:29:04.0874 0x1b98 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:29:04.0880 0x1b98 HidIr - ok
12:29:04.0882 0x1b98 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:29:04.0897 0x1b98 hidserv - ok
12:29:04.0899 0x1b98 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:29:04.0904 0x1b98 HidUsb - ok
12:29:04.0906 0x1b98 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:29:04.0921 0x1b98 hkmsvc - ok
12:29:04.0926 0x1b98 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:29:04.0934 0x1b98 HomeGroupListener - ok
12:29:04.0937 0x1b98 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:29:04.0945 0x1b98 HomeGroupProvider - ok
12:29:04.0947 0x1b98 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:29:04.0952 0x1b98 HpSAMD - ok
12:29:04.0962 0x1b98 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:29:04.0985 0x1b98 HTTP - ok
12:29:04.0987 0x1b98 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:29:04.0992 0x1b98 hwpolicy - ok
12:29:04.0995 0x1b98 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:29:05.0000 0x1b98 i8042prt - ok
12:29:05.0010 0x1b98 [ 9EBE1AE8B3DA91D06BE1971EB37F7DA0, 55B0E66139C966AF0D4955B44363123198C559968C864DA85F6610CF1C844E8D ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
12:29:05.0021 0x1b98 iaStorA - ok
12:29:05.0025 0x1b98 [ D524B034148F14C60F1CA66D267EE56A, 18045270C5CA718501285EE05EDED8B0EF998A881ACF19D9602F91A2A30E40AB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:29:05.0028 0x1b98 IAStorDataMgrSvc - ok
12:29:05.0030 0x1b98 [ C018747131B4E90E9267BA5B31EB43A7, 0FA045B63500D6AA98CADD72BA8052BD2631387FD1270A9FD5A77EB7A7A14536 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
12:29:05.0034 0x1b98 iaStorF - ok
12:29:05.0040 0x1b98 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:29:05.0048 0x1b98 iaStorV - ok
12:29:05.0052 0x1b98 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:29:05.0054 0x1b98 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:29:07.0402 0x1b98 Detect skipped due to KSN trusted
12:29:07.0402 0x1b98 IDriverT - ok
12:29:07.0446 0x1b98 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:29:07.0471 0x1b98 idsvc - ok
12:29:07.0473 0x1b98 IEEtwCollectorService - ok
12:29:07.0475 0x1b98 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:29:07.0480 0x1b98 iirsp - ok
12:29:07.0482 0x1b98 [ FF604BCE2537A4734DA0CE19AD9B7B7A, E40E87961F46B374122ED2B06E79C575FCFA4D29F95763ADC7E88270D064AFE8 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys
12:29:07.0486 0x1b98 ikbevent - ok
12:29:07.0497 0x1b98 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:29:07.0513 0x1b98 IKEEXT - ok
12:29:07.0515 0x1b98 [ 298E67827BE3C4403C32EAB66987A334, BE7D95E2BB0D6D60B40966305D0354CA93F773FD2FA2727F1076DC8E162D5EB1 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys
12:29:07.0519 0x1b98 imsevent - ok
12:29:07.0522 0x1b98 [ 0BBE196EED750C18E5D4B3CB55EB097C, 6A67BF6CD9BBC77034AD1BBDE6FD1DE78440825E317DB7C517BD4D773FEBDA39 ] INETMON C:\Windows\System32\Drivers\INETMON.sys
12:29:07.0526 0x1b98 INETMON - ok
12:29:07.0573 0x1b98 [ CC2521C1BE66E922196431B77F765178, 07106F575F715F761E01D3788053CBA6E53DD8390CE79BD4F6FC2BCDDC34C982 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:29:07.0619 0x1b98 IntcAzAudAddService - ok
12:29:07.0635 0x1b98 [ 9A6DEB5DDF7E29728F6FEA5092AFA3F2, 21C47A0490EBA302657EF30C560E4AF83777685FFE126DCCAC310163C47401D1 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
12:29:07.0648 0x1b98 Intel(R) Capability Licensing Service TCP IP Interface - ok
12:29:07.0651 0x1b98 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:29:07.0655 0x1b98 intelide - ok
12:29:07.0657 0x1b98 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:29:07.0663 0x1b98 intelppm - ok
12:29:07.0665 0x1b98 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:29:07.0681 0x1b98 IPBusEnum - ok
12:29:07.0684 0x1b98 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:29:07.0699 0x1b98 IpFilterDriver - ok
12:29:07.0706 0x1b98 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:29:07.0719 0x1b98 iphlpsvc - ok
12:29:07.0721 0x1b98 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:29:07.0727 0x1b98 IPMIDRV - ok
12:29:07.0730 0x1b98 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:29:07.0745 0x1b98 IPNAT - ok
12:29:07.0747 0x1b98 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:29:07.0754 0x1b98 IRENUM - ok
12:29:07.0756 0x1b98 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:29:07.0760 0x1b98 isapnp - ok
12:29:07.0765 0x1b98 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:29:07.0772 0x1b98 iScsiPrt - ok
12:29:07.0774 0x1b98 [ 35C0995BCDB0E45D1EEBE4FB582D1563, 67B44EE25B8FF5778AC58255265536EC4CC444A5A8368D6311DEDAF58357E5ED ] ISCT C:\Windows\system32\DRIVERS\ISCTD.sys
12:29:07.0779 0x1b98 ISCT - ok
12:29:07.0784 0x1b98 [ 796A8DFCB3609C61E6AD43E551F55D9A, 20A0FF8E72238DAC64A65DEEAA84BD8D7AD45249FC87DEA11B715D0CD0DBDCBC ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
12:29:07.0790 0x1b98 ISCTAgent - ok
12:29:07.0792 0x1b98 [ 61662AFF4AF0413F461F2780167703AE, 55CCBA4F09581871B3EB81A40A3FB59013AD988CEED109E18C58609AD469117A ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
12:29:07.0796 0x1b98 iusb3hcs - ok
12:29:07.0802 0x1b98 [ 923030D5F4B1C801AE5219551F7B490B, C00D9CCE8D04FEFA9391725F79BBD77F03ED3E3DB53E02E80ABC008B2F179043 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
12:29:07.0810 0x1b98 iusb3hub - ok
12:29:07.0820 0x1b98 [ 234E2245AF65CFC021874F64C40E206B, 4254180327F7B58AAE1A158DADE53A06C02139F6CDD2A657E5E9B2868B96F806 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
12:29:07.0833 0x1b98 iusb3xhc - ok
12:29:07.0837 0x1b98 [ 9BF27BE5D9F87E556BF4269025703E4D, A4BF5514BD6FFA9FEA5AF4DCCCB92DEB93261731A4B5814177D2680883D0C09A ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:29:07.0842 0x1b98 jhi_service - ok
12:29:07.0844 0x1b98 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:29:07.0849 0x1b98 kbdclass - ok
12:29:07.0851 0x1b98 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:29:07.0856 0x1b98 kbdhid - ok
12:29:07.0859 0x1b98 [ B34C08826C081A92D7298DE23E001FB6, A63B232AAE618F8E28777892193A04828C8D07F79283C2D8AECBAEAED6C8F0E6 ] Ke2200 C:\Windows\system32\DRIVERS\e22w7x64.sys
12:29:07.0864 0x1b98 Ke2200 - ok
12:29:07.0866 0x1b98 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:29:07.0871 0x1b98 KeyIso - ok
12:29:07.0878 0x1b98 [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
12:29:07.0887 0x1b98 kl1 - ok
12:29:07.0889 0x1b98 [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys
12:29:07.0894 0x1b98 kldisk - ok
12:29:07.0897 0x1b98 [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt C:\Windows\system32\DRIVERS\klflt.sys
12:29:07.0903 0x1b98 klflt - ok
12:29:07.0908 0x1b98 [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk C:\Windows\system32\DRIVERS\klhk.sys
12:29:07.0915 0x1b98 klhk - ok
12:29:07.0925 0x1b98 [ 150DEC2F6A081D2513B7428DC060B557, 7E5996530FD821D1FAF1879F1167CBDE0B562E17388FDC46939ABEFB8869D2CE ] KLIF C:\Windows\system32\DRIVERS\klif.sys
12:29:07.0938 0x1b98 KLIF - ok
12:29:07.0941 0x1b98 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
12:29:07.0945 0x1b98 KLIM6 - ok
12:29:07.0947 0x1b98 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
12:29:07.0951 0x1b98 klkbdflt - ok
12:29:07.0953 0x1b98 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
12:29:07.0957 0x1b98 klmouflt - ok
12:29:07.0958 0x1b98 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
12:29:07.0962 0x1b98 klpd - ok
12:29:07.0964 0x1b98 [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
12:29:07.0968 0x1b98 kltdi - ok
12:29:07.0971 0x1b98 [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys
12:29:07.0975 0x1b98 Klwtp - ok
12:29:07.0979 0x1b98 [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps C:\Windows\system32\DRIVERS\kneps.sys
12:29:07.0984 0x1b98 kneps - ok
12:29:07.0987 0x1b98 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:29:07.0992 0x1b98 KSecDD - ok
12:29:07.0995 0x1b98 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:29:08.0001 0x1b98 KSecPkg - ok
12:29:08.0003 0x1b98 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:29:08.0018 0x1b98 ksthunk - ok
12:29:08.0024 0x1b98 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:29:08.0043 0x1b98 KtmRm - ok
12:29:08.0047 0x1b98 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:29:08.0065 0x1b98 LanmanServer - ok
12:29:08.0068 0x1b98 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:29:08.0084 0x1b98 LanmanWorkstation - ok
12:29:08.0087 0x1b98 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:29:08.0102 0x1b98 lltdio - ok
12:29:08.0107 0x1b98 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:29:08.0125 0x1b98 lltdsvc - ok
12:29:08.0127 0x1b98 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:29:08.0142 0x1b98 lmhosts - ok
12:29:08.0149 0x1b98 [ E4267604E975EF4BBB1A39A1B4F5B3CB, 4FC4D213A209F96893819EC7971BEA9651BAF4BF999304FB20556ACF98ADBB9C ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:29:08.0158 0x1b98 LMS - ok
12:29:08.0161 0x1b98 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:29:08.0167 0x1b98 LSI_FC - ok
12:29:08.0169 0x1b98 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:29:08.0175 0x1b98 LSI_SAS - ok
12:29:08.0177 0x1b98 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:29:08.0181 0x1b98 LSI_SAS2 - ok
12:29:08.0184 0x1b98 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:29:08.0189 0x1b98 LSI_SCSI - ok
12:29:08.0192 0x1b98 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:29:08.0208 0x1b98 luafv - ok
12:29:08.0210 0x1b98 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:29:08.0214 0x1b98 MBAMProtector - ok
12:29:08.0235 0x1b98 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
12:29:08.0259 0x1b98 MBAMScheduler - ok
12:29:08.0272 0x1b98 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
12:29:08.0286 0x1b98 MBAMService - ok
12:29:08.0288 0x1b98 [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:29:08.0293 0x1b98 MBAMWebAccessControl - ok
12:29:08.0294 0x1b98 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
12:29:08.0298 0x1b98 MBfilt - ok
12:29:08.0301 0x1b98 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:29:08.0307 0x1b98 Mcx2Svc - ok
12:29:08.0309 0x1b98 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:29:08.0313 0x1b98 megasas - ok
12:29:08.0318 0x1b98 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:29:08.0325 0x1b98 MegaSR - ok
12:29:08.0329 0x1b98 [ A37A2ED3321A7A7BC85FA05221051A7F, 32E75126F3480DC59C480D821A717E5AC2639912D515693557EBF999B7DB0B10 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
12:29:08.0334 0x1b98 MEIx64 - ok
12:29:08.0337 0x1b98 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:29:08.0352 0x1b98 MMCSS - ok
12:29:08.0354 0x1b98 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:29:08.0369 0x1b98 Modem - ok
12:29:08.0372 0x1b98 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:29:08.0378 0x1b98 monitor - ok
12:29:08.0392 0x1b98 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:29:08.0397 0x1b98 mouclass - ok
12:29:08.0399 0x1b98 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:29:08.0404 0x1b98 mouhid - ok
12:29:08.0406 0x1b98 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:29:08.0411 0x1b98 mountmgr - ok
12:29:08.0414 0x1b98 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:29:08.0419 0x1b98 MozillaMaintenance - ok
12:29:08.0422 0x1b98 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:29:08.0428 0x1b98 mpio - ok
12:29:08.0430 0x1b98 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:29:08.0446 0x1b98 mpsdrv - ok
12:29:08.0457 0x1b98 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:29:08.0481 0x1b98 MpsSvc - ok
12:29:08.0485 0x1b98 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:29:08.0491 0x1b98 MRxDAV - ok
12:29:08.0495 0x1b98 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:29:08.0501 0x1b98 mrxsmb - ok
12:29:08.0506 0x1b98 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:29:08.0514 0x1b98 mrxsmb10 - ok
12:29:08.0517 0x1b98 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:29:08.0523 0x1b98 mrxsmb20 - ok
12:29:08.0525 0x1b98 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:29:08.0529 0x1b98 msahci - ok
12:29:08.0533 0x1b98 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:29:08.0538 0x1b98 msdsm - ok
12:29:08.0541 0x1b98 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:29:08.0548 0x1b98 MSDTC - ok
12:29:08.0551 0x1b98 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:29:08.0566 0x1b98 Msfs - ok
12:29:08.0568 0x1b98 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:29:08.0582 0x1b98 mshidkmdf - ok
12:29:08.0583 0x1b98 MSICDSetup - ok
12:29:08.0585 0x1b98 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:29:08.0589 0x1b98 msisadrv - ok
12:29:08.0593 0x1b98 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:29:08.0609 0x1b98 MSiSCSI - ok
12:29:08.0611 0x1b98 msiserver - ok
12:29:08.0612 0x1b98 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:29:08.0627 0x1b98 MSKSSRV - ok
12:29:08.0628 0x1b98 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:29:08.0643 0x1b98 MSPCLOCK - ok
12:29:08.0645 0x1b98 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:29:08.0659 0x1b98 MSPQM - ok
12:29:08.0665 0x1b98 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:29:08.0673 0x1b98 MsRPC - ok
12:29:08.0676 0x1b98 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:29:08.0680 0x1b98 mssmbios - ok
12:29:08.0682 0x1b98 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:29:08.0696 0x1b98 MSTEE - ok
12:29:08.0698 0x1b98 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:29:08.0703 0x1b98 MTConfig - ok
12:29:08.0705 0x1b98 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:29:08.0709 0x1b98 Mup - ok
12:29:08.0716 0x1b98 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:29:08.0737 0x1b98 napagent - ok
12:29:08.0742 0x1b98 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:29:08.0753 0x1b98 NativeWifiP - ok
12:29:08.0766 0x1b98 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:29:08.0780 0x1b98 NDIS - ok
12:29:08.0782 0x1b98 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:29:08.0797 0x1b98 NdisCap - ok
12:29:08.0799 0x1b98 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:29:08.0814 0x1b98 NdisTapi - ok
12:29:08.0816 0x1b98 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:29:08.0831 0x1b98 Ndisuio - ok
12:29:08.0834 0x1b98 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:29:08.0850 0x1b98 NdisWan - ok
12:29:08.0853 0x1b98 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:29:08.0867 0x1b98 NDProxy - ok
12:29:08.0869 0x1b98 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:29:08.0884 0x1b98 NetBIOS - ok
12:29:08.0889 0x1b98 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:29:08.0906 0x1b98 NetBT - ok
12:29:08.0907 0x1b98 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:29:08.0912 0x1b98 Netlogon - ok
12:29:08.0918 0x1b98 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:29:08.0937 0x1b98 Netman - ok
12:29:08.0940 0x1b98 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:08.0948 0x1b98 NetMsmqActivator - ok
12:29:08.0951 0x1b98 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:08.0957 0x1b98 NetPipeActivator - ok
12:29:08.0963 0x1b98 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:29:08.0984 0x1b98 netprofm - ok
12:29:08.0987 0x1b98 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:08.0993 0x1b98 NetTcpActivator - ok
12:29:08.0996 0x1b98 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:29:09.0002 0x1b98 NetTcpPortSharing - ok
12:29:09.0004 0x1b98 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:29:09.0008 0x1b98 nfrd960 - ok
12:29:09.0013 0x1b98 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:29:09.0022 0x1b98 NlaSvc - ok
12:29:09.0024 0x1b98 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:29:09.0039 0x1b98 Npfs - ok
12:29:09.0041 0x1b98 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:29:09.0056 0x1b98 nsi - ok
12:29:09.0058 0x1b98 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:29:09.0073 0x1b98 nsiproxy - ok
12:29:09.0094 0x1b98 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:29:09.0116 0x1b98 Ntfs - ok
12:29:09.0118 0x1b98 NTIOLib_1_0_C - ok
12:29:09.0120 0x1b98 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:29:09.0135 0x1b98 Null - ok
12:29:09.0278 0x1b98 [ 185B4FFECD886A424B57B58AE173FBBE, 7CFD51694091035639B900EC64FAD62CC1E5F3DC520F59CC27540B170A957C60 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:29:09.0423 0x1b98 nvlddmkm - ok
12:29:09.0437 0x1b98 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:29:09.0442 0x1b98 nvraid - ok
12:29:09.0446 0x1b98 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:29:09.0452 0x1b98 nvstor - ok
12:29:09.0464 0x1b98 [ E1CE82592245B9E9621F17FBF457DB4E, 98B021623B10EBF7ED370BC2516D8377C09E9E2BB49BD96F492F55006B1B8CC4 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:29:09.0479 0x1b98 nvsvc - ok
12:29:09.0482 0x1b98 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:29:09.0488 0x1b98 nv_agp - ok
12:29:09.0490 0x1b98 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:29:09.0495 0x1b98 ohci1394 - ok
12:29:09.0501 0x1b98 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:29:09.0510 0x1b98 p2pimsvc - ok
12:29:09.0517 0x1b98 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:29:09.0527 0x1b98 p2psvc - ok
12:29:09.0528 0x1b98 PAExec - ok
12:29:09.0531 0x1b98 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:29:09.0537 0x1b98 Parport - ok
12:29:09.0539 0x1b98 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:29:09.0544 0x1b98 partmgr - ok
12:29:09.0548 0x1b98 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
12:29:09.0557 0x1b98 PcaSvc - ok
12:29:09.0561 0x1b98 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:29:09.0567 0x1b98 pci - ok
12:29:09.0569 0x1b98 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:29:09.0573 0x1b98 pciide - ok
12:29:09.0577 0x1b98 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:29:09.0584 0x1b98 pcmcia - ok
12:29:09.0586 0x1b98 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:29:09.0590 0x1b98 pcw - ok
12:29:09.0604 0x1b98 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:29:09.0627 0x1b98 PEAUTH - ok
12:29:09.0643 0x1b98 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:29:09.0666 0x1b98 PeerDistSvc - ok
12:29:09.0677 0x1b98 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:29:09.0682 0x1b98 PerfHost - ok
12:29:09.0701 0x1b98 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:29:09.0733 0x1b98 pla - ok
12:29:09.0740 0x1b98 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:29:09.0750 0x1b98 PlugPlay - ok
12:29:09.0752 0x1b98 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:29:09.0757 0x1b98 PNRPAutoReg - ok
12:29:09.0762 0x1b98 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:29:09.0771 0x1b98 PNRPsvc - ok
12:29:09.0778 0x1b98 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:29:09.0798 0x1b98 PolicyAgent - ok
12:29:09.0803 0x1b98 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:29:09.0820 0x1b98 Power - ok
12:29:09.0823 0x1b98 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:29:09.0838 0x1b98 PptpMiniport - ok
12:29:09.0840 0x1b98 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:29:09.0846 0x1b98 Processor - ok
12:29:09.0850 0x1b98 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
12:29:09.0857 0x1b98 ProfSvc - ok
12:29:09.0859 0x1b98 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:29:09.0864 0x1b98 ProtectedStorage - ok
12:29:09.0867 0x1b98 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:29:09.0883 0x1b98 Psched - ok
12:29:09.0901 0x1b98 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:29:09.0922 0x1b98 ql2300 - ok
12:29:09.0925 0x1b98 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:29:09.0931 0x1b98 ql40xx - ok
12:29:09.0937 0x1b98 [ 0AF624035C3BDCFB50F500D467D50940, 421289444162C93EAB9E344B3DD3B84CADAC4DE2555A4565B63870A68B786C21 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
12:29:09.0943 0x1b98 Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
12:29:12.0291 0x1b98 Detect skipped due to KSN trusted
12:29:12.0291 0x1b98 Qualcomm Atheros Killer Service V2 - ok
12:29:12.0311 0x1b98 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:29:12.0351 0x1b98 QWAVE - ok
12:29:12.0356 0x1b98 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:29:12.0366 0x1b98 QWAVEdrv - ok
12:29:12.0368 0x1b98 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:29:12.0387 0x1b98 RasAcd - ok
12:29:12.0390 0x1b98 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:29:12.0405 0x1b98 RasAgileVpn - ok
12:29:12.0408 0x1b98 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:29:12.0424 0x1b98 RasAuto - ok
12:29:12.0426 0x1b98 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:29:12.0442 0x1b98 Rasl2tp - ok
12:29:12.0448 0x1b98 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:29:12.0467 0x1b98 RasMan - ok
12:29:12.0470 0x1b98 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:29:12.0486 0x1b98 RasPppoe - ok
12:29:12.0488 0x1b98 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:29:12.0503 0x1b98 RasSstp - ok
12:29:12.0509 0x1b98 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:29:12.0526 0x1b98 rdbss - ok
12:29:12.0528 0x1b98 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:29:12.0534 0x1b98 rdpbus - ok
12:29:12.0536 0x1b98 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:29:12.0550 0x1b98 RDPCDD - ok
12:29:12.0555 0x1b98 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:29:12.0562 0x1b98 RDPDR - ok
12:29:12.0563 0x1b98 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:29:12.0577 0x1b98 RDPENCDD - ok
12:29:12.0580 0x1b98 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:29:12.0594 0x1b98 RDPREFMP - ok
12:29:12.0597 0x1b98 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:29:12.0602 0x1b98 RdpVideoMiniport - ok
12:29:12.0607 0x1b98 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:29:12.0614 0x1b98 RDPWD - ok
12:29:12.0619 0x1b98 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:29:12.0625 0x1b98 rdyboost - ok
12:29:12.0627 0x1b98 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:29:12.0643 0x1b98 RemoteAccess - ok
12:29:12.0647 0x1b98 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:29:12.0664 0x1b98 RemoteRegistry - ok
12:29:12.0666 0x1b98 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:29:12.0682 0x1b98 RpcEptMapper - ok
12:29:12.0684 0x1b98 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:29:12.0689 0x1b98 RpcLocator - ok
12:29:12.0697 0x1b98 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:29:12.0717 0x1b98 RpcSs - ok
12:29:12.0720 0x1b98 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:29:12.0735 0x1b98 rspndr - ok
12:29:12.0737 0x1b98 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:29:12.0741 0x1b98 s3cap - ok
12:29:12.0743 0x1b98 [ A7BD09F4EE327FFF4DCFB01B5251085D, F8C86A2E4F9FC298D4DB60E1C24585A13A33145A411F3F92FDE9074D9417E351 ] Said2215 C:\Windows\system32\DRIVERS\Said2215.sys
12:29:12.0747 0x1b98 Said2215 - ok
12:29:12.0748 0x1b98 [ 51A5C75AD7B0BED5EBBCBA6F2C72DA31, 7FDBAD9E259E911713433816A08AB2880090C7BC61FCE85E69D9E52C6EC1348D ] Saida215 C:\Windows\system32\DRIVERS\Saida215.sys
12:29:12.0752 0x1b98 Saida215 - ok
12:29:12.0756 0x1b98 [ 6EFAB54D88306542861D680493CB20DB, F5A5753A52967E156E395482B58DF6D8DD110F836D981501B6B7FF7CE5B22B32 ] SaiG2215 C:\Windows\system32\DRIVERS\SaiG2215.sys
12:29:12.0762 0x1b98 SaiG2215 - ok
12:29:12.0766 0x1b98 [ B16853E9229CDC58DD0F05B6DFE22436, 9881A5F045236F3DCB0386D86900A2A39B8D78661E343F1BFA1D05844E3F4704 ] SaiGa215 C:\Windows\system32\DRIVERS\SaiGa215.sys
12:29:12.0772 0x1b98 SaiGa215 - ok
12:29:12.0778 0x1b98 [ 7820252E00EB1C75FF3FCB00FFD8B9A2, C0DAD87506D2F1A9771E77ED23AC54DD976ABB5F9E6358974E07631E1B05F6DF ] SaiK0762 C:\Windows\system32\DRIVERS\SaiK0762.sys
12:29:12.0783 0x1b98 SaiK0762 - ok
12:29:12.0787 0x1b98 [ 24099C3D4EC943F875BF29F75987A3A6, 4D114D3B6B75BB9E647884F5EFEE342AC51AB4C22EF89A22C78FA17739C9E0B7 ] SaiK0836 C:\Windows\system32\DRIVERS\SaiK0836.sys
12:29:12.0793 0x1b98 SaiK0836 - ok
12:29:12.0797 0x1b98 [ 20ADDAC042ED6CECD5033823E0C6525E, 175E4739989EA83291C5E81AA7BC2DD67BD75887D1A782F427B14CFA80DE0663 ] SaiK2215 C:\Windows\system32\DRIVERS\SaiK2215.sys
12:29:12.0802 0x1b98 SaiK2215 - ok
12:29:12.0806 0x1b98 [ F0BA475C42D46CBB2A421D4AA69DD008, EC6DA91CFF6D72451AA4D7CFA65BB5426B3268C2E4EF5753A2AC2115DD67A9E8 ] SaiKa215 C:\Windows\system32\DRIVERS\SaiKa215.sys
12:29:12.0811 0x1b98 SaiKa215 - ok
12:29:12.0814 0x1b98 [ AD505946BB6CE56BE9CB8924F8DEC7BD, 553F87A84DBCEDDAD18777FB02C4874AA4334ED9CF5D403D01A141DC5CE2BBA1 ] SaiMini C:\Windows\system32\DRIVERS\SaiMini.sys
12:29:12.0818 0x1b98 SaiMini - ok
12:29:12.0820 0x1b98 [ 8BB354AA12530C4C5EE9DA90F1FC1AD9, 9C0410E4E07711F15D5B61E3FFE00A1B200F07E6737B3FD2A76061F3CF986C97 ] SaiNtBus C:\Windows\system32\drivers\SaiBus.sys
12:29:12.0824 0x1b98 SaiNtBus - ok
12:29:12.0826 0x1b98 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:29:12.0830 0x1b98 SamSs - ok
12:29:12.0833 0x1b98 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:29:12.0838 0x1b98 sbp2port - ok
12:29:12.0842 0x1b98 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:29:12.0859 0x1b98 SCardSvr - ok
12:29:12.0861 0x1b98 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:29:12.0875 0x1b98 scfilter - ok
12:29:12.0889 0x1b98 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:29:12.0917 0x1b98 Schedule - ok
12:29:12.0921 0x1b98 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:29:12.0935 0x1b98 SCPolicySvc - ok
12:29:12.0939 0x1b98 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:29:12.0946 0x1b98 SDRSVC - ok
12:29:12.0967 0x1b98 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:29:12.0989 0x1b98 SDScannerService - ok
12:29:13.0014 0x1b98 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:29:13.0040 0x1b98 SDUpdateService - ok
12:29:13.0044 0x1b98 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:29:13.0050 0x1b98 SDWSCService - ok
12:29:13.0052 0x1b98 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:29:13.0067 0x1b98 secdrv - ok
12:29:13.0069 0x1b98 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:29:13.0084 0x1b98 seclogon - ok
12:29:13.0086 0x1b98 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:29:13.0102 0x1b98 SENS - ok
12:29:13.0104 0x1b98 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:29:13.0109 0x1b98 SensrSvc - ok
12:29:13.0111 0x1b98 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:29:13.0116 0x1b98 Serenum - ok
12:29:13.0118 0x1b98 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:29:13.0124 0x1b98 Serial - ok
12:29:13.0126 0x1b98 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:29:13.0131 0x1b98 sermouse - ok
12:29:13.0135 0x1b98 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:29:13.0151 0x1b98 SessionEnv - ok
12:29:13.0153 0x1b98 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:29:13.0159 0x1b98 sffdisk - ok
12:29:13.0160 0x1b98 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:29:13.0166 0x1b98 sffp_mmc - ok
12:29:13.0168 0x1b98 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:29:13.0174 0x1b98 sffp_sd - ok
12:29:13.0175 0x1b98 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:29:13.0180 0x1b98 sfloppy - ok
12:29:13.0186 0x1b98 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:29:13.0204 0x1b98 SharedAccess - ok
12:29:13.0210 0x1b98 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:29:13.0229 0x1b98 ShellHWDetection - ok
12:29:13.0232 0x1b98 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:29:13.0236 0x1b98 SiSRaid2 - ok
12:29:13.0239 0x1b98 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:29:13.0243 0x1b98 SiSRaid4 - ok
12:29:13.0251 0x1b98 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate H:\Skype\Updater\Updater.exe
12:29:13.0259 0x1b98 SkypeUpdate - ok
12:29:13.0262 0x1b98 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:29:13.0277 0x1b98 Smb - ok
12:29:13.0280 0x1b98 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:29:13.0286 0x1b98 SNMPTRAP - ok
12:29:13.0288 0x1b98 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:29:13.0292 0x1b98 spldr - ok
12:29:13.0301 0x1b98 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:29:13.0313 0x1b98 Spooler - ok
12:29:13.0354 0x1b98 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:29:13.0413 0x1b98 sppsvc - ok
12:29:13.0417 0x1b98 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:29:13.0433 0x1b98 sppuinotify - ok
12:29:13.0436 0x1b98 [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:29:13.0443 0x1b98 SQLWriter - ok
12:29:13.0449 0x1b98 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:29:13.0460 0x1b98 srv - ok
12:29:13.0466 0x1b98 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:29:13.0475 0x1b98 srv2 - ok
12:29:13.0479 0x1b98 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:29:13.0486 0x1b98 srvnet - ok
12:29:13.0489 0x1b98 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:29:13.0506 0x1b98 SSDPSRV - ok
12:29:13.0509 0x1b98 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:29:13.0525 0x1b98 SstpSvc - ok
12:29:13.0534 0x1b98 [ 15E9700890AE50AA6A8B68EBB8F82EAD, 99D909B8A20E47BBDB5902806C700EAF914192561D69182D93357C6C6F30EC0D ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:29:13.0543 0x1b98 Steam Client Service - ok
12:29:13.0545 0x1b98 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:29:13.0549 0x1b98 stexstor - ok
12:29:13.0558 0x1b98 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:29:13.0572 0x1b98 stisvc - ok
12:29:13.0575 0x1b98 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:29:13.0579 0x1b98 storflt - ok
12:29:13.0581 0x1b98 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
12:29:13.0586 0x1b98 StorSvc - ok
12:29:13.0588 0x1b98 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:29:13.0592 0x1b98 storvsc - ok
12:29:13.0594 0x1b98 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:29:13.0598 0x1b98 swenum - ok
12:29:13.0605 0x1b98 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:29:13.0627 0x1b98 swprv - ok
12:29:13.0648 0x1b98 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:29:13.0678 0x1b98 SysMain - ok
12:29:13.0681 0x1b98 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:29:13.0690 0x1b98 TabletInputService - ok
12:29:13.0695 0x1b98 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:29:13.0713 0x1b98 TapiSrv - ok
12:29:13.0715 0x1b98 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:29:13.0731 0x1b98 TBS - ok
12:29:13.0753 0x1b98 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:29:13.0778 0x1b98 Tcpip - ok
12:29:13.0801 0x1b98 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:29:13.0825 0x1b98 TCPIP6 - ok
12:29:13.0829 0x1b98 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:29:13.0834 0x1b98 tcpipreg - ok
12:29:13.0836 0x1b98 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:29:13.0841 0x1b98 TDPIPE - ok
12:29:13.0843 0x1b98 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:29:13.0847 0x1b98 TDTCP - ok
12:29:13.0850 0x1b98 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:29:13.0856 0x1b98 tdx - ok
12:29:13.0919 0x1b98 [ C0C121B537DA3AD87481C0502CACE462, E0FC2AC71B60C796DCD03217A510C47425FB7783713FCCC477130E69715D2B8D ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
12:29:13.0981 0x1b98 TeamViewer - ok
12:29:13.0987 0x1b98 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:29:13.0992 0x1b98 TermDD - ok
12:29:14.0001 0x1b98 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:29:14.0015 0x1b98 TermService - ok
12:29:14.0017 0x1b98 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:29:14.0025 0x1b98 Themes - ok
12:29:14.0027 0x1b98 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:29:14.0042 0x1b98 THREADORDER - ok
12:29:14.0045 0x1b98 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:29:14.0061 0x1b98 TrkWks - ok
12:29:14.0066 0x1b98 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:29:14.0082 0x1b98 TrustedInstaller - ok
12:29:14.0084 0x1b98 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:29:14.0089 0x1b98 tssecsrv - ok
12:29:14.0092 0x1b98 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:29:14.0097 0x1b98 TsUsbFlt - ok
12:29:14.0099 0x1b98 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:29:14.0104 0x1b98 TsUsbGD - ok
12:29:14.0107 0x1b98 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:29:14.0123 0x1b98 tunnel - ok
12:29:14.0125 0x1b98 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:29:14.0130 0x1b98 uagp35 - ok
12:29:14.0135 0x1b98 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:29:14.0153 0x1b98 udfs - ok
12:29:14.0156 0x1b98 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:29:14.0162 0x1b98 UI0Detect - ok
12:29:14.0165 0x1b98 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:29:14.0170 0x1b98 uliagpkx - ok
12:29:14.0171 0x1b98 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:29:14.0177 0x1b98 umbus - ok
12:29:14.0178 0x1b98 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:29:14.0183 0x1b98 UmPass - ok
12:29:14.0187 0x1b98 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
12:29:14.0194 0x1b98 UmRdpService - ok
12:29:14.0200 0x1b98 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:29:14.0219 0x1b98 upnphost - ok
12:29:14.0223 0x1b98 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:29:14.0229 0x1b98 usbaudio - ok
12:29:14.0231 0x1b98 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:29:14.0237 0x1b98 usbccgp - ok
12:29:14.0240 0x1b98 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:29:14.0245 0x1b98 usbcir - ok
12:29:14.0247 0x1b98 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:29:14.0252 0x1b98 usbehci - ok
12:29:14.0258 0x1b98 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:29:14.0267 0x1b98 usbhub - ok
12:29:14.0269 0x1b98 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:29:14.0274 0x1b98 usbohci - ok
12:29:14.0275 0x1b98 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:29:14.0281 0x1b98 usbprint - ok
12:29:14.0283 0x1b98 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:29:14.0289 0x1b98 usbscan - ok
12:29:14.0291 0x1b98 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:29:14.0297 0x1b98 USBSTOR - ok
12:29:14.0299 0x1b98 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:29:14.0304 0x1b98 usbuhci - ok
12:29:14.0306 0x1b98 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:29:14.0322 0x1b98 UxSms - ok
12:29:14.0324 0x1b98 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:29:14.0328 0x1b98 VaultSvc - ok
12:29:14.0330 0x1b98 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:29:14.0335 0x1b98 vdrvroot - ok
12:29:14.0342 0x1b98 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:29:14.0363 0x1b98 vds - ok
12:29:14.0366 0x1b98 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:29:14.0372 0x1b98 vga - ok
12:29:14.0374 0x1b98 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:29:14.0388 0x1b98 VgaSave - ok
12:29:14.0392 0x1b98 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:29:14.0399 0x1b98 vhdmp - ok
12:29:14.0401 0x1b98 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:29:14.0405 0x1b98 viaide - ok
12:29:14.0409 0x1b98 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:29:14.0415 0x1b98 vmbus - ok
12:29:14.0416 0x1b98 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:29:14.0421 0x1b98 VMBusHID - ok
12:29:14.0423 0x1b98 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:29:14.0428 0x1b98 volmgr - ok
12:29:14.0434 0x1b98 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:29:14.0442 0x1b98 volmgrx - ok
12:29:14.0447 0x1b98 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:29:14.0455 0x1b98 volsnap - ok
12:29:14.0458 0x1b98 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:29:14.0464 0x1b98 vsmraid - ok
12:29:14.0484 0x1b98 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:29:14.0518 0x1b98 VSS - ok
12:29:14.0521 0x1b98 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:29:14.0527 0x1b98 vwifibus - ok
12:29:14.0533 0x1b98 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:29:14.0553 0x1b98 W32Time - ok
12:29:14.0556 0x1b98 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:29:14.0561 0x1b98 WacomPen - ok
12:29:14.0563 0x1b98 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:29:14.0578 0x1b98 WANARP - ok
12:29:14.0580 0x1b98 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:29:14.0595 0x1b98 Wanarpv6 - ok
12:29:14.0613 0x1b98 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:29:14.0637 0x1b98 wbengine - ok
12:29:14.0642 0x1b98 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:29:14.0652 0x1b98 WbioSrvc - ok
12:29:14.0658 0x1b98 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:29:14.0670 0x1b98 wcncsvc - ok
12:29:14.0672 0x1b98 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:29:14.0678 0x1b98 WcsPlugInService - ok
12:29:14.0680 0x1b98 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:29:14.0684 0x1b98 Wd - ok
12:29:14.0694 0x1b98 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:29:14.0707 0x1b98 Wdf01000 - ok
12:29:14.0710 0x1b98 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:29:14.0719 0x1b98 WdiServiceHost - ok
12:29:14.0721 0x1b98 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:29:14.0729 0x1b98 WdiSystemHost - ok
12:29:14.0733 0x1b98 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:29:14.0742 0x1b98 WebClient - ok
12:29:14.0747 0x1b98 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:29:14.0765 0x1b98 Wecsvc - ok
12:29:14.0767 0x1b98 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:29:14.0783 0x1b98 wercplsupport - ok
12:29:14.0786 0x1b98 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:29:14.0802 0x1b98 WerSvc - ok
12:29:14.0803 0x1b98 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:29:14.0818 0x1b98 WfpLwf - ok
12:29:14.0820 0x1b98 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:29:14.0825 0x1b98 WIMMount - ok
12:29:14.0826 0x1b98 WinDefend - ok
12:29:14.0828 0x1b98 WinHttpAutoProxySvc - ok
12:29:14.0835 0x1b98 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:29:14.0852 0x1b98 Winmgmt - ok
12:29:14.0876 0x1b98 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:29:14.0906 0x1b98 WinRM - ok
12:29:14.0911 0x1b98 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:29:14.0917 0x1b98 WinUsb - ok
12:29:14.0929 0x1b98 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:29:14.0947 0x1b98 Wlansvc - ok
12:29:14.0974 0x1b98 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:29:15.0002 0x1b98 wlidsvc - ok
12:29:15.0005 0x1b98 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:29:15.0010 0x1b98 WmiAcpi - ok
12:29:15.0015 0x1b98 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:29:15.0022 0x1b98 wmiApSrv - ok
12:29:15.0024 0x1b98 WMPNetworkSvc - ok
12:29:15.0025 0x1b98 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:29:15.0031 0x1b98 WPCSvc - ok
12:29:15.0033 0x1b98 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:29:15.0041 0x1b98 WPDBusEnum - ok
12:29:15.0043 0x1b98 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:29:15.0058 0x1b98 ws2ifsl - ok
12:29:15.0061 0x1b98 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:29:15.0069 0x1b98 wscsvc - ok
12:29:15.0071 0x1b98 WSearch - ok
12:29:15.0100 0x1b98 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:29:15.0132 0x1b98 wuauserv - ok
12:29:15.0136 0x1b98 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:29:15.0141 0x1b98 WudfPf - ok
12:29:15.0146 0x1b98 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:29:15.0153 0x1b98 WUDFRd - ok
12:29:15.0156 0x1b98 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:29:15.0162 0x1b98 wudfsvc - ok
12:29:15.0167 0x1b98 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:29:15.0175 0x1b98 WwanSvc - ok
12:29:15.0176 0x1b98 ================ Scan global ===============================
12:29:15.0178 0x1b98 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:29:15.0182 0x1b98 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:29:15.0189 0x1b98 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:29:15.0193 0x1b98 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:29:15.0199 0x1b98 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:29:15.0203 0x1b98 [ Global ] - ok
12:29:15.0203 0x1b98 ================ Scan MBR ==================================
12:29:15.0204 0x1b98 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:29:15.0225 0x1b98 \Device\Harddisk0\DR0 - ok
12:29:15.0230 0x1b98 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:29:15.0271 0x1b98 \Device\Harddisk1\DR1 - ok
12:29:15.0276 0x1b98 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
12:29:15.0379 0x1b98 \Device\Harddisk2\DR2 - ok
12:29:15.0379 0x1b98 ================ Scan VBR ==================================
12:29:15.0383 0x1b98 [ BE54F67307EB287F1CA1AD3B62A1E2B4 ] \Device\Harddisk0\DR0\Partition1
12:29:15.0384 0x1b98 \Device\Harddisk0\DR0\Partition1 - ok
12:29:15.0389 0x1b98 [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2
12:29:15.0389 0x1b98 \Device\Harddisk0\DR0\Partition2 - ok
12:29:15.0395 0x1b98 [ 2335EC4CF42FF034996D32BCEA048B06 ] \Device\Harddisk0\DR0\Partition3
12:29:15.0398 0x1b98 \Device\Harddisk0\DR0\Partition3 - ok
12:29:15.0406 0x1b98 [ 76D5F80B332DCD35FB513C8B2E00512F ] \Device\Harddisk1\DR1\Partition1
12:29:15.0406 0x1b98 \Device\Harddisk1\DR1\Partition1 - ok
12:29:15.0411 0x1b98 [ 9351AF2D8A933D08401FD5615D187251 ] \Device\Harddisk1\DR1\Partition2
12:29:15.0413 0x1b98 \Device\Harddisk1\DR1\Partition2 - ok
12:29:15.0416 0x1b98 [ 45035FF6019F480C176B5BE0A75437EF ] \Device\Harddisk2\DR2\Partition1
12:29:15.0440 0x1b98 \Device\Harddisk2\DR2\Partition1 - ok
12:29:15.0442 0x1b98 [ B36D48C61DDDF93D50E67E37EF02D1CF ] \Device\Harddisk2\DR2\Partition2
12:29:15.0455 0x1b98 \Device\Harddisk2\DR2\Partition2 - ok
12:29:15.0459 0x1b98 [ 701BE379903A9D017FE77328A32A544C ] \Device\Harddisk2\DR2\Partition3
12:29:15.0482 0x1b98 \Device\Harddisk2\DR2\Partition3 - ok
12:29:15.0487 0x1b98 [ ED67C20C6226E7686C0BD4FCE1D66789 ] \Device\Harddisk2\DR2\Partition4
12:29:15.0491 0x1b98 \Device\Harddisk2\DR2\Partition4 - ok
12:29:15.0491 0x1b98 ================ Scan generic autorun ======================
12:29:15.0497 0x1b98 [ F14327BA386AAA2246585BFADD8FE8E8, 2804D7985B116C808942B4501362D4F4BAE4B540E9A6AC9B176B30DD448BA5AC ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
12:29:15.0506 0x1b98 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
12:29:17.0854 0x1b98 Detect skipped due to KSN trusted
12:29:17.0854 0x1b98 IAStorIcon - ok
12:29:17.0978 0x1b98 [ EEF85F53AB2B172D10629CAE1A491EC2, C0787C1F8C193BCC0577F13A503E939056AD41BC4D34BD4B62DADA7F3D0AF429 ] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
12:29:18.0043 0x1b98 ISCT Tray - ok
12:29:18.0131 0x1b98 [ E1026B2975D308D43E896A108C92F1BD, 562903C88BC3CBD86E9A813001C72576181F2470286040240BAC92E5BF1F1583 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
12:29:18.0214 0x1b98 RTHDVCPL - ok
12:29:18.0225 0x1b98 [ B2B879C0BA746CBB6A97212D8B5908B9, 6B38EB19064746EF42B6DABE754361377D6A460FD8E4C6B619EF4DD659F7357B ] C:\Program Files\SmartTechnology\Software\ProfilerU.exe
12:29:18.0233 0x1b98 ProfilerU - detected UnsignedFile.Multi.Generic ( 1 )
12:29:20.0644 0x1b98 ProfilerU ( UnsignedFile.Multi.Generic ) - warning
12:29:20.0644 0x1b98 Force sending object to P2P due to detect: C:\Program Files\SmartTechnology\Software\ProfilerU.exe
12:29:23.0102 0x1b98 Object send P2P result: true
12:29:25.0506 0x1b98 [ 3371D09E5A75889B1CFAF8C05CAFC3B8, 1CAA518BDFB69062355CD10611076E3DF9196DEB7C49EA11F0F2ADDA3DA1F79F ] C:\Program Files\SmartTechnology\Software\SaiMfd.exe
12:29:25.0526 0x1b98 SaiMfd - detected UnsignedFile.Multi.Generic ( 1 )
12:29:27.0872 0x1b98 SaiMfd ( UnsignedFile.Multi.Generic ) - warning
12:29:30.0253 0x1b98 [ F19BB9A114A0F85E6E8C4395322E7191, FDFAFE5535442031A1102F0AE2B50213BDACA291EF958DE59E9C3CD556BF5DA7 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
12:29:30.0276 0x1b98 USB3MON - ok
12:29:30.0334 0x1b98 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
12:29:30.0380 0x1b98 SDTray - ok
12:29:30.0385 0x1b98 [ 52356BC35A37001C9456757B22260B77, 6EF36E232D2CC6810D23BB926CD0636DD61B792309706812D1635A68DA044AEE ] C:\Program Files\Mad Catz\X-55 Rhino\X55_Rhino_Profiler.exe
12:29:30.0387 0x1b98 X-55 Rhino - detected UnsignedFile.Multi.Generic ( 1 )
12:29:32.0732 0x1b98 X-55 Rhino ( UnsignedFile.Multi.Generic ) - warning
12:29:35.0152 0x1b98 [ 34560253EF56416ED5F9192AA258407E, 1915FED010A852C65A4BF809D9DC8E8C96ECCABFC6707F1EBA946630F4E56CAF ] C:\Program Files (x86)\Trojan Remover\Trjscan.exe
12:29:35.0177 0x1b98 TrojanScanner - ok
12:29:35.0195 0x1b98 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:29:35.0214 0x1b98 Sidebar - ok
12:29:35.0217 0x1b98 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:29:35.0225 0x1b98 mctadmin - ok
12:29:35.0240 0x1b98 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:29:35.0259 0x1b98 Sidebar - ok
12:29:35.0262 0x1b98 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:29:35.0270 0x1b98 mctadmin - ok
12:29:35.0343 0x1b98 [ 0431B48CF752D88C33C4BA39BA64CCB2, 4D65608DB7B460E4797285D8FE305E407C6FA57663AF54500E1A730BBBC433FF ] C:\Users\Stefan\AppData\Roaming\Spotify\Spotify.exe
12:29:35.0417 0x1b98 Spotify - ok
12:29:35.0441 0x1b98 [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Stefan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
12:29:35.0462 0x1b98 Spotify Web Helper - ok
12:29:35.0463 0x1b98 Waiting for KSN requests completion. In queue: 9
12:29:36.0463 0x1b98 Waiting for KSN requests completion. In queue: 9
12:29:37.0463 0x1b98 Waiting for KSN requests completion. In queue: 7
12:29:38.0501 0x1b98 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
12:29:38.0505 0x1b98 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
12:29:40.0863 0x1b98 ============================================================
12:29:40.0863 0x1b98 Scan finished
12:29:40.0863 0x1b98 ============================================================
12:29:40.0878 0x0810 Detected object count: 3
12:29:40.0878 0x0810 Actual detected object count: 3
12:30:14.0691 0x0810 ProfilerU ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:14.0691 0x0810 ProfilerU ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:14.0694 0x0810 SaiMfd ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:14.0694 0x0810 SaiMfd ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:14.0695 0x0810 X-55 Rhino ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:14.0696 0x0810 X-55 Rhino ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:17.0806 0x1530 Deinitialize success
|
|
30.01.2015, 14:30
| #6 |
| /// the machine /// TB-Ausbilder | Tastertur schreibt rückwärts / Desktop spielt verrückt Ist das ein laptop oder ein Desktop PC?
__________________ --> Tastertur schreibt rückwärts / Desktop spielt verrückt |
|
30.01.2015, 18:02
| #7 |
| | Tastertur schreibt rückwärts / Desktop spielt verrückt Hi, ist ein Desktop PC. Haben die drei gefundenen Sachen eine Bedeutung? |
|
31.01.2015, 11:28
| #8 |
| /// the machine /// TB-Ausbilder | Tastertur schreibt rückwärts / Desktop spielt verrückt Nein haben sie nicht. Hast du schon mal ein anderes Keybaord getestet?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.01.2015, 11:51
| #9 |
| | Tastertur schreibt rückwärts / Desktop spielt verrückt Nein, das habe ich noch nicht gemacht... Ich nehme mal an, dass mein System erstmal okay ausschaut!? Sonst wäre doch sicherlich etwas gefunden worden!? |
|
31.01.2015, 15:52
| #10 |
| /// the machine /// TB-Ausbilder | Tastertur schreibt rückwärts / Desktop spielt verrückt genau 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Tastertur schreibt rückwärts / Desktop spielt verrückt |
| andere, browser, desktop, diverse, downloads, folge, folgendes, funktioniert, guten, kaspersky, klicke, klicken, links, neu, neustart, nichts, plötzlich, programm, programme, rechts, spiel, symbol, verrückt, vollständig, zusammen |
Linear-Darstellung
