Log analysis and evaluation: Speech bubble for Windowsupdater (not from Microsoft) pops up

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system first has to be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
05.02.2015, 08:27 | #1 |
Speech bubble for Windowsupdater (not from Microsoft) pops up

Hello forum =) For some time now I have had the problem that a window for a supposed Windows update opens at the bottom right. When I click on it to close the window, I am asked to agree to some terms and conditions and download a program. This window can also only be closed via the Task Manager... I hope someone here can help me. Kind regards, GGnis

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01 Ran by Adrian (administrator) on ADRIAN-PC on 05-02-2015 07:55:33 Running from C:\Users\Adrian\Downloads Loaded Profiles: Adrian (Available profiles: Adrian) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\System32\PnkBstrA.exe () C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.234\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.18\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.127\deploy\LolClient.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-06] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {b9e95629-6a8c-11e4-96a5-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {e738d354-2979-11e4-b5ff-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {f1df56f7-47c6-11e4-8f77-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [7937840 2015-01-21] (Avira Operations GmbH & Co. KG) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 FireFox: ======== FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default FF Homepage: https://www.google.de FF Plugin: 
@adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll () FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\avira-safesearch.xml FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-maps.xml FF Extension: Avira Browser Safety - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\Extensions\abs@avira.com [2015-02-03] FF Extension: Firefox improver - 
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack [2015-01-28] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [807672 2014-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-16] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. 
KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-03-06] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-21] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-21] () R2 serversu; C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe [120832 2015-01-28] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-09-26] (Avira Operations GmbH & Co. 
KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-07] (Disc Soft Ltd) S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation) R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] () R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-02-26] (Intel Corporation) R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-02-09] () R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation ) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-05 07:55 - 2015-02-05 07:55 - 00013701 _____ () C:\Users\Adrian\Downloads\FRST.txt 2015-02-05 07:55 - 2015-02-05 07:55 - 00000000 ____D () C:\FRST 2015-02-05 07:54 - 2015-02-05 07:54 - 02131968 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe 2015-02-05 07:53 - 2015-02-05 07:53 - 00000544 _____ () C:\Users\Adrian\Downloads\defogger_disable.log 2015-02-05 07:53 - 2015-02-05 07:53 - 00000168 _____ () C:\Users\Adrian\defogger_reenable 2015-02-05 07:52 - 2015-02-05 07:52 - 00050477 _____ () C:\Users\Adrian\Downloads\Defogger.exe 2015-01-30 02:39 - 2015-01-30 02:39 - 00001222 _____ () C:\DelFix.txt 2015-01-30 02:39 - 2015-01-30 02:39 - 00000000 ____D () C:\Windows\ERUNT 2015-01-30 01:15 - 2015-01-30 01:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-30 01:15 - 2015-01-30 01:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-30 01:15 - 2015-01-30 01:15 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Adobe 2015-01-29 18:33 - 2015-01-29 18:33 - 00001221 _____ () C:\Users\Public\Desktop\Avira System Speedup.lnk 2015-01-28 15:06 - 2015-01-28 15:06 - 00000000 __RHD () C:\MSOCache 2015-01-28 15:04 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\Documents\Benutzerdefinierte Office-Vorlagen 2015-01-28 14:58 - 2015-01-28 14:58 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Microsoft Help 2015-01-28 14:51 - 2015-01-28 14:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\MicrosoftFixit.wu.LB.134588027784228.1.1.Run.exe 2015-01-28 14:41 - 2015-01-28 14:50 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\SoftwareUpdater 2015-01-28 14:40 - 2015-01-28 14:40 - 00000000 ____D () C:\ProgramData\737bcb150000081b 2015-01-28 14:38 - 2015-02-02 02:43 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player 2015-01-28 14:38 - 2015-02-02 02:43 - 00000000 ____D () C:\Program Files (x86)\GU Player 2015-01-28 14:38 
- 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Firefox-improver 2015-01-28 14:37 - 2015-01-28 14:37 - 00523856 _____ () C:\Users\Adrian\Downloads\Microsoft%20Word.exe 2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-01-28 14:32 - 2015-01-28 14:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive 2015-01-28 14:31 - 2015-01-28 15:00 - 00002210 _____ () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ___RD () C:\Users\Adrian\OneDrive 2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2015-01-28 14:30 - 2015-01-28 18:45 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-01-28 14:30 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-01-28 14:29 - 2015-01-28 14:30 - 01064632 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\Setup.X86.de-DE_O365HomePremRetail_c45264ce-a25c-46e7-ab4e-e8f594a0467d_TX_DB_.exe 2015-01-28 14:21 - 2015-01-28 14:21 - 00668376 _____ (Blue Labs, LLC) C:\Users\Adrian\Downloads\FreeEditor.exe 2015-01-28 13:20 - 2015-01-28 13:20 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-28 02:49 - 2015-01-28 02:49 - 00009094 _____ () C:\Users\Adrian\Documents\a.txt 2015-01-28 02:22 - 2015-01-28 02:41 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-28 02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-28 
02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-28 02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-28 02:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-28 02:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-28 02:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-28 02:21 - 2015-01-28 02:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028.exe 2015-01-27 23:41 - 2015-01-27 23:42 - 00014648 _____ () C:\Users\Adrian\Documents\Ereignisse.txt 2015-01-27 23:23 - 2015-01-27 23:23 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1 (1).exe 2015-01-27 23:23 - 2015-01-27 23:23 - 00001179 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-27 23:23 - 2015-01-27 23:23 - 00001167 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-27 23:23 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-27 23:22 - 2015-01-27 23:22 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1.exe 2015-01-27 23:21 - 2015-01-27 23:21 - 00000000 __SHD () C:\Users\Adrian\AppData\Local\EmieBrowserModeList 2015-01-27 05:14 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2015-01-26 02:15 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-26 02:15 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-26 02:15 - 2014-12-12 06:35 - 
05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-26 02:15 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-26 02:15 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-26 02:15 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-26 02:15 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-26 02:15 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-26 02:15 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-26 02:15 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-26 02:15 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-26 02:15 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-26 02:15 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-05 07:53 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian 2015-02-05 07:08 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-05 07:08 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-05 07:06 - 2011-04-12 08:43 - 00700146 _____ () C:\Windows\system32\perfh007.dat 2015-02-05 07:06 - 2011-04-12 08:43 - 00149784 _____ () C:\Windows\system32\perfc007.dat 2015-02-05 07:06 - 2009-07-14 06:13 - 01622778 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-05 07:00 - 2014-10-03 13:39 - 00061521 _____ () C:\Windows\setupact.log 2015-02-05 07:00 - 2014-08-15 08:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-02-05 07:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-05 06:59 - 2014-08-19 19:53 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Battle.net 2015-02-04 19:19 - 2014-08-19 18:57 - 01095753 _____ () C:\Windows\WindowsUpdate.log 2015-02-04 18:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-02-03 00:44 - 2014-08-21 22:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client 2015-01-30 02:31 - 2014-11-10 00:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2015-01-29 18:33 - 2014-10-01 18:23 - 00000000 ____D () C:\Users\Adrian\AppData\Local\AviraSpeedup 2015-01-29 18:33 - 2014-10-01 18:21 - 00003320 _____ () C:\Windows\System32\Tasks\AviraSpeedup 2015-01-29 18:33 - 2014-10-01 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup 2015-01-29 18:33 - 2014-10-01 18:16 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-01-29 18:33 - 2014-04-03 06:44 - 00000000 
____D () C:\ProgramData\Package Cache 2015-01-29 12:19 - 2014-10-24 06:49 - 00015250 _____ () C:\Windows\PFRO.log 2015-01-28 14:45 - 2009-07-14 05:45 - 00438272 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-28 14:38 - 2014-08-19 18:59 - 00111400 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-28 14:30 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian\AppData\Local\VirtualStore 2015-01-28 14:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-01-28 02:55 - 2014-08-19 19:29 - 00000000 ___RD () C:\Users\Adrian\Desktop\Programme 2015-01-28 02:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech 2015-01-26 03:01 - 2014-08-20 23:41 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-26 03:00 - 2014-08-20 23:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Files in the root of some directories ======= 2014-08-15 08:24 - 2014-08-15 08:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Adrian\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-25 21:02 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015 01 Ran by Adrian at 2015-02-05 07:55:51 Running from C:\Users\Adrian\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira) Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG) Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden Avira System Speedup 1.6 (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6 - 2000 - 2014 Avira Operations GmbH & Co. 
KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Firefox-improver (HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\Firefox-improver) (Version: 2 - Appli LLC) GU Player (remove only) (HKLM-x32\...\GU Player) (Version: - ) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.2.1000 - Intel Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\OneDriveSetup.exe) (Version: 
17.3.1171.0714 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\SoftwareUpdater) (Version: 1.0.0.0 - Software Updater Ltd)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
Warcraft 3 (HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\Warcraft 3) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

04-02-2015 17:44:42 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {56B11E81-0B0E-477B-B5AF-9EF7E3C27156} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {7B482FF0-9CD7-48FC-ADBE-2D675006F35D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-28] (Microsoft Corporation)
Task: {A3262DA4-E76F-4CD0-ABCE-90AFBBA0BBDD} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-01-21] (Avira Operations GmbH & Co. KG)
Task: {BC6DF72C-1398-4199-91BA-1CC067908112} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

==================== Loaded Modules (whitelisted) ==============

2015-01-28 14:30 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-21 03:02 - 2014-08-21 03:02 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-01-28 14:41 - 2015-01-28 14:41 - 00120832 _____ () C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe
2014-08-15 08:25 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-06-12 17:11 - 2014-08-19 19:43 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-08-19 19:43 - 2015-02-04 17:56 - 02445816 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.234\deploy\LoLLauncher.exe
2015-02-04 17:56 - 2015-02-04 17:56 - 04234232 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.18\deploy\LoLPatcher.exe
2014-08-19 20:09 - 2014-08-19 20:09 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.127\deploy\LolClient.exe
2015-02-04 17:56 - 2015-02-04 17:56 - 01618424 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.18\deploy\RiotLauncher.dll
2014-08-19 20:09 - 2014-08-19 20:09 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.127\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-01-27 23:23 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-3579592859-3594887549-3632172591-500 - Administrator - Disabled)
Adrian (S-1-5-21-3579592859-3594887549-3632172591-1000 - Administrator - Enabled) => C:\Users\Adrian
Gast (S-1-5-21-3579592859-3594887549-3632172591-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3579592859-3594887549-3632172591-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2015 07:02:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2015 07:00:49 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/04/2015 10:15:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 10:13:20 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/04/2015 05:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 05:40:33 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/02/2015 11:20:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 11:19:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/02/2015 04:53:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 04:51:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

System errors:
=============
Error: (02/05/2015 07:00:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.02.2015 um 06:58:27 unerwartet heruntergefahren.

Error: (01/29/2015 11:21:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/28/2015 05:32:01 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/28/2015 05:02:58 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Compatibility Verify" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Microsoft Office Sessions:
=========================
Error: (02/05/2015 07:02:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2015 07:00:49 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/04/2015 10:15:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 10:13:20 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/04/2015 05:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 05:40:33 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/02/2015 11:20:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 11:19:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/02/2015 04:53:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 04:51:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Percentage of memory in use: 28%
Total physical RAM: 8120.02 MB
Available physical RAM: 5795.46 MB
Total Pagefile: 16238.21 MB
Available Pagefile: 13507.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.79 GB) (Free:9.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data1) (Fixed) (Total:931.51 GB) (Free:931.31 GB) NTFS
Drive g: () (CDROM) (Total:1.07 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 50489017)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 50489002)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-02-05 08:24:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000064 Samsung_ rev.EXT0 111,79GB
Running: vpl5fhzr.exe; Driver: C:\Users\Adrian\AppData\Local\Temp\ugliqpod.sys

---- User code sections - GMER 2.1 ----

.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000769d1401 2 bytes JMP 767fb21b C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000769d1419 2 bytes JMP 767fb346 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000769d1431 2 bytes JMP 76878ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000769d144a 2 bytes CALL 767d48ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000769d14dd 2 bytes JMP 768787a2 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000769d14f5 2 bytes JMP 76878978 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000769d150d 2 bytes JMP 76878698 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000769d1525 2 bytes JMP 76878a62 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000769d153d 2 bytes JMP 767efca8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000769d1555 2 bytes JMP 767f68ef C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000769d156d 2 bytes JMP 76878f61 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000769d1585 2 bytes JMP 76878ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000769d159d 2 bytes JMP 7687865c C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000769d15b5 2 bytes JMP 767efd41 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000769d15cd 2 bytes JMP 767fb2dc C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000769d16b2 2 bytes JMP 76878e24 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000769d16bd 2 bytes JMP 768785f1 C:\Windows\syswow64\kernel32.dll

---- Threads - GMER 2.1 ----

Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [3832:4416] 000007fefac22bf8

---- Processes - GMER 2.1 ----

Process C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe (*** suspicious ***) @ C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe [2024](2015-01-28 13:41:51) 0000000001300000

---- EOF - GMER 2.1 ---- |
05.02.2015, 08:36 | #2 |
/// the machine /// TB trainer | Speech bubble for Windows updater (not from Microsoft) pops up
Hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
05.02.2015, 18:53 | #3 |
| Speech bubble for Windows updater (not from Microsoft) pops up
Code:
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version: main: v2015.02.05.08 rootkit: v2015.02.03.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Adrian :: ADRIAN-PC [administrator]

05.02.2015 18:24:17
mbar-log-2015-02-05 (18-24-17).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 330854
Time elapsed: 5 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
18:32:12.0578 0x1190 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:32:19.0522 0x1190 ============================================================
18:32:19.0522 0x1190 Current date / time: 2015/02/05 18:32:19.0522
18:32:19.0522 0x1190 SystemInfo:
18:32:19.0522 0x1190
18:32:19.0522 0x1190 OS Version: 6.1.7601 ServicePack: 1.0
18:32:19.0522 0x1190 Product type: Workstation
18:32:19.0522 0x1190 ComputerName: ADRIAN-PC
18:32:19.0523 0x1190 UserName: Adrian
18:32:19.0523 0x1190 Windows directory: C:\Windows
18:32:19.0523 0x1190 System windows directory: C:\Windows
18:32:19.0523 0x1190 Running under WOW64
18:32:19.0523 0x1190 Processor architecture: Intel x64
18:32:19.0523 0x1190 Number of processors: 4
18:32:19.0523 0x1190 Page size: 0x1000
18:32:19.0523 0x1190 Boot type: Normal boot
18:32:19.0523 0x1190 ============================================================
18:32:19.0745 0x1190 KLMD registered as C:\Windows\system32\drivers\03075249.sys
18:32:20.0049 0x1190 System UUID: {EA3AF40E-A93A-5705-77FF-56025B71591C}
18:32:20.0873 0x1190 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:20.0874 0x1190 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:20.0877 0x1190 ============================================================
18:32:20.0877 0x1190 \Device\Harddisk0\DR0:
18:32:20.0877 0x1190 MBR partitions:
18:32:20.0877 0x1190 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93BB0
18:32:20.0877 0x1190 \Device\Harddisk1\DR1:
18:32:20.0877 0x1190 MBR partitions:
18:32:20.0877 0x1190 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
18:32:20.0877 0x1190 ============================================================
18:32:20.0878 0x1190 C: <-> \Device\Harddisk0\DR0\Partition1
18:32:20.0905 0x1190 D: <-> \Device\Harddisk1\DR1\Partition1
18:32:20.0905 0x1190 ============================================================
18:32:20.0905 0x1190 Initialize success
18:32:20.0905 0x1190 ============================================================
18:34:15.0712 0x0e34 ============================================================
18:34:15.0712 0x0e34 Scan started
18:34:15.0712 0x0e34 Mode: Manual; SigCheck; TDLFS;
18:34:15.0712 0x0e34 ============================================================
18:34:15.0712 0x0e34 KSN ping started
18:34:29.0529 0x0e34 KSN ping finished: true
18:34:29.0816 0x0e34 ================ Scan system memory ========================
18:34:29.0816 0x0e34 System memory - ok
18:34:29.0817 0x0e34 ================ Scan services =============================
CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 18:34:31.0281 0x0e34 CompositeBus - ok 18:34:31.0283 0x0e34 COMSysApp - ok 18:34:31.0285 0x0e34 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 18:34:31.0290 0x0e34 crcdisk - ok 18:34:31.0296 0x0e34 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:34:31.0306 0x0e34 CryptSvc - ok 18:34:31.0334 0x0e34 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:34:31.0357 0x0e34 DcomLaunch - ok 18:34:31.0376 0x0e34 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 18:34:31.0396 0x0e34 defragsvc - ok 18:34:31.0404 0x0e34 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:34:31.0421 0x0e34 DfsC - ok 18:34:31.0438 0x0e34 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 18:34:31.0452 0x0e34 Dhcp - ok 18:34:31.0456 0x0e34 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 18:34:31.0474 0x0e34 discache - ok 18:34:31.0477 0x0e34 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 18:34:31.0483 0x0e34 Disk - ok 18:34:31.0491 0x0e34 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:34:31.0502 0x0e34 Dnscache - ok 18:34:31.0513 0x0e34 [ B1FB3DDCA0FDF408750D5843591AFBC6, 
AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 18:34:31.0532 0x0e34 dot3svc - ok 18:34:31.0541 0x0e34 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 18:34:31.0559 0x0e34 DPS - ok 18:34:31.0562 0x0e34 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:34:31.0570 0x0e34 drmkaud - ok 18:34:31.0576 0x0e34 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 18:34:31.0584 0x0e34 dtsoftbus01 - ok 18:34:31.0616 0x0e34 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:34:31.0633 0x0e34 DXGKrnl - ok 18:34:31.0644 0x0e34 [ A6DB3A7828B456A574243066E2E77D8C, 852F14E5FD77A47BF901E0A27F6D21BD9236275135C33ABB30589D0346341179 ] E100B C:\Windows\system32\DRIVERS\efe5b32e.sys 18:34:31.0652 0x0e34 E100B - ok 18:34:31.0660 0x0e34 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 18:34:31.0679 0x0e34 EapHost - ok 18:34:31.0723 0x0e34 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 18:34:31.0771 0x0e34 ebdrv - ok 18:34:31.0778 0x0e34 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 18:34:31.0787 0x0e34 EFS - ok 18:34:31.0824 0x0e34 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:34:31.0841 0x0e34 ehRecvr - ok 18:34:31.0845 0x0e34 [ 4705E8EF9934482C5BB488CE28AFC681, 
359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 18:34:31.0852 0x0e34 ehSched - ok 18:34:31.0861 0x0e34 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:34:31.0873 0x0e34 elxstor - ok 18:34:31.0875 0x0e34 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:34:31.0881 0x0e34 ErrDev - ok 18:34:31.0901 0x0e34 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 18:34:31.0923 0x0e34 EventSystem - ok 18:34:31.0932 0x0e34 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 18:34:31.0951 0x0e34 exfat - ok 18:34:31.0963 0x0e34 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:34:31.0982 0x0e34 fastfat - ok 18:34:32.0012 0x0e34 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 18:34:32.0028 0x0e34 Fax - ok 18:34:32.0031 0x0e34 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 18:34:32.0037 0x0e34 fdc - ok 18:34:32.0041 0x0e34 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 18:34:32.0058 0x0e34 fdPHost - ok 18:34:32.0063 0x0e34 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 18:34:32.0081 0x0e34 FDResPub - ok 18:34:32.0087 0x0e34 [ 655661BE46B5F5F3FD454E2C3095B930, 
549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:34:32.0093 0x0e34 FileInfo - ok 18:34:32.0095 0x0e34 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:34:32.0112 0x0e34 Filetrace - ok 18:34:32.0115 0x0e34 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 18:34:32.0120 0x0e34 flpydisk - ok 18:34:32.0137 0x0e34 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:34:32.0145 0x0e34 FltMgr - ok 18:34:32.0179 0x0e34 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 18:34:32.0205 0x0e34 FontCache - ok 18:34:32.0210 0x0e34 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:34:32.0215 0x0e34 FontCache3.0.0.0 - ok 18:34:32.0219 0x0e34 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:34:32.0225 0x0e34 FsDepends - ok 18:34:32.0228 0x0e34 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:34:32.0233 0x0e34 Fs_Rec - ok 18:34:32.0245 0x0e34 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:34:32.0254 0x0e34 fvevol - ok 18:34:32.0257 0x0e34 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx 
C:\Windows\system32\drivers\gagp30kx.sys 18:34:32.0262 0x0e34 gagp30kx - ok 18:34:32.0265 0x0e34 [ F5D15F93007259AFD6FC2DEC420132A1, EB1B5D0478861AC038A7E0CD7317EFA836DDBD66B1419067B5DD75CE924421BA ] GameKB C:\Windows\system32\drivers\GameKB.sys 18:34:32.0271 0x0e34 GameKB - ok 18:34:32.0318 0x0e34 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 18:34:32.0358 0x0e34 gpsvc - ok 18:34:32.0362 0x0e34 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:34:32.0371 0x0e34 hcw85cir - ok 18:34:32.0394 0x0e34 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:34:32.0405 0x0e34 HdAudAddService - ok 18:34:32.0409 0x0e34 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 18:34:32.0417 0x0e34 HDAudBus - ok 18:34:32.0419 0x0e34 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 18:34:32.0425 0x0e34 HidBatt - ok 18:34:32.0428 0x0e34 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:34:32.0436 0x0e34 HidBth - ok 18:34:32.0439 0x0e34 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 18:34:32.0446 0x0e34 HidIr - ok 18:34:32.0450 0x0e34 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 18:34:32.0467 0x0e34 hidserv - ok 18:34:32.0470 0x0e34 [ 9592090A7E2B61CD582B612B6DF70536, 
FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:34:32.0477 0x0e34 HidUsb - ok 18:34:32.0484 0x0e34 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:34:32.0501 0x0e34 hkmsvc - ok 18:34:32.0513 0x0e34 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:34:32.0524 0x0e34 HomeGroupListener - ok 18:34:32.0536 0x0e34 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:34:32.0544 0x0e34 HomeGroupProvider - ok 18:34:32.0547 0x0e34 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:34:32.0553 0x0e34 HpSAMD - ok 18:34:32.0588 0x0e34 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:34:32.0614 0x0e34 HTTP - ok 18:34:32.0617 0x0e34 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:34:32.0622 0x0e34 hwpolicy - ok 18:34:32.0625 0x0e34 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 18:34:32.0632 0x0e34 i8042prt - ok 18:34:32.0642 0x0e34 [ 96FBFC177A603840FFDF059EEB804176, A83FB1DF4B3DF774D44305B6CA566338FD95D937CA53E266A40E2DE19EFC6AB6 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 18:34:32.0655 0x0e34 iaStorA - ok 18:34:32.0659 0x0e34 [ ED45EB18204F5211310E2596B7418BED, 407929394175454DDBE87A34D53EC19E1D56A162BF868A1CF9F2DE776789FBFC ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage 
Technology\IAStorDataMgrSvc.exe 18:34:32.0663 0x0e34 IAStorDataMgrSvc - ok 18:34:32.0665 0x0e34 [ 7B9E39DB30155E0A71B97AAB038E5F24, D56BC1D31A5B9555AA4E7AB2CAC224361F9F74263E2D6969292893184689D430 ] iaStorF C:\Windows\system32\drivers\iaStorF.sys 18:34:32.0670 0x0e34 iaStorF - ok 18:34:32.0678 0x0e34 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:34:32.0688 0x0e34 iaStorV - ok 18:34:32.0701 0x0e34 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:34:32.0717 0x0e34 idsvc - ok 18:34:32.0720 0x0e34 IEEtwCollectorService - ok 18:34:32.0722 0x0e34 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 18:34:32.0728 0x0e34 iirsp - ok 18:34:32.0777 0x0e34 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 18:34:32.0794 0x0e34 IKEEXT - ok 18:34:32.0986 0x0e34 [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 18:34:33.0042 0x0e34 IntcAzAudAddService - ok 18:34:33.0049 0x0e34 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 18:34:33.0054 0x0e34 intelide - ok 18:34:33.0057 0x0e34 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 18:34:33.0064 0x0e34 intelppm - ok 18:34:33.0071 0x0e34 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 
18:34:33.0089 0x0e34 IPBusEnum - ok 18:34:33.0096 0x0e34 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:34:33.0103 0x1100 Object required for P2P: [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI 18:34:33.0115 0x0e34 IpFilterDriver - ok 18:34:33.0153 0x0e34 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:34:33.0181 0x0e34 iphlpsvc - ok 18:34:33.0184 0x0e34 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:34:33.0191 0x0e34 IPMIDRV - ok 18:34:33.0198 0x0e34 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:34:33.0216 0x0e34 IPNAT - ok 18:34:33.0219 0x0e34 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:34:33.0227 0x0e34 IRENUM - ok 18:34:33.0229 0x0e34 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:34:33.0234 0x0e34 isapnp - ok 18:34:33.0239 0x0e34 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:34:33.0248 0x0e34 iScsiPrt - ok 18:34:33.0250 0x0e34 [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT C:\Windows\system32\drivers\ISCTD64.sys 18:34:33.0255 0x0e34 ISCT - ok 18:34:33.0257 0x0e34 [ 3AD2F2F5D891FD49F9305D394BCF7A54, 7567F0DF0E527BAC1651A4A39B5252AF2B1F186B5FD4F0122B3B30207972F0E4 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys 18:34:33.0262 0x0e34 iusb3hcs - ok 18:34:33.0271 0x0e34 [ 
F7248248D3F126E07E22193F3E5DDF77, A11FD50CFE329B4AE07387A31581BC01A972917F451C4257CDB45F818074EE9B ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys 18:34:33.0280 0x0e34 iusb3hub - ok 18:34:33.0293 0x0e34 [ AF7F994D4E9C37D54E9CDB6880D83205, A74F99786BC302101B4BEDEF543DBE85D75A2B1FEC6B4513626E6B941EF8D6A9 ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys 18:34:33.0308 0x0e34 iusb3xhc - ok 18:34:33.0311 0x0e34 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:34:33.0317 0x0e34 kbdclass - ok 18:34:33.0319 0x0e34 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:34:33.0324 0x0e34 kbdhid - ok 18:34:33.0328 0x0e34 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 18:34:33.0334 0x0e34 KeyIso - ok 18:34:33.0340 0x0e34 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:34:33.0346 0x0e34 KSecDD - ok 18:34:33.0350 0x0e34 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:34:33.0356 0x0e34 KSecPkg - ok 18:34:33.0360 0x0e34 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:34:33.0377 0x0e34 ksthunk - ok 18:34:33.0399 0x0e34 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 18:34:33.0421 0x0e34 KtmRm - ok 18:34:33.0433 0x0e34 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:34:33.0452 0x0e34 
LanmanServer - ok 18:34:33.0459 0x0e34 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:34:33.0477 0x0e34 LanmanWorkstation - ok 18:34:33.0484 0x0e34 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:34:33.0502 0x0e34 lltdio - ok 18:34:33.0524 0x0e34 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:34:33.0545 0x0e34 lltdsvc - ok 18:34:33.0549 0x0e34 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:34:33.0566 0x0e34 lmhosts - ok 18:34:33.0571 0x0e34 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 18:34:33.0577 0x0e34 LSI_FC - ok 18:34:33.0580 0x0e34 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 18:34:33.0586 0x0e34 LSI_SAS - ok 18:34:33.0589 0x0e34 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 18:34:33.0595 0x0e34 LSI_SAS2 - ok 18:34:33.0598 0x0e34 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 18:34:33.0604 0x0e34 LSI_SCSI - ok 18:34:33.0611 0x0e34 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 18:34:33.0630 0x0e34 luafv - ok 18:34:33.0636 0x0e34 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc 
C:\Windows\system32\Mcx2Svc.dll 18:34:33.0643 0x0e34 Mcx2Svc - ok 18:34:33.0646 0x0e34 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 18:34:33.0651 0x0e34 megasas - ok 18:34:33.0657 0x0e34 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 18:34:33.0666 0x0e34 MegaSR - ok 18:34:33.0669 0x0e34 [ 8751062F2F7EC78DE92D778A08099DDE, F10BE771FF9E02A51CF3A167BB967167DE4F66647D7F1508CB27D8FDD8623700 ] MEIx64 C:\Windows\system32\drivers\TeeDriverx64.sys 18:34:33.0676 0x0e34 MEIx64 - ok 18:34:33.0680 0x0e34 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 18:34:33.0698 0x0e34 MMCSS - ok 18:34:33.0702 0x0e34 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 18:34:33.0720 0x0e34 Modem - ok 18:34:33.0723 0x0e34 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:34:33.0731 0x0e34 monitor - ok 18:34:33.0733 0x0e34 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:34:33.0738 0x0e34 mouclass - ok 18:34:33.0740 0x0e34 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:34:33.0747 0x0e34 mouhid - ok 18:34:33.0753 0x0e34 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:34:33.0759 0x0e34 mountmgr - ok 18:34:33.0763 0x0e34 [ 345477F02C308B7480702767218C86A2, 
98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:34:33.0769 0x0e34 MozillaMaintenance - ok 18:34:33.0773 0x0e34 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 18:34:33.0780 0x0e34 mpio - ok 18:34:33.0787 0x0e34 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:34:33.0804 0x0e34 mpsdrv - ok 18:34:33.0850 0x0e34 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:34:33.0885 0x0e34 MpsSvc - ok 18:34:33.0890 0x0e34 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:34:33.0898 0x0e34 MRxDAV - ok 18:34:33.0916 0x0e34 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:34:33.0925 0x0e34 mrxsmb - ok 18:34:33.0941 0x0e34 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:34:33.0949 0x0e34 mrxsmb10 - ok 18:34:33.0953 0x0e34 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:34:33.0960 0x0e34 mrxsmb20 - ok 18:34:33.0962 0x0e34 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 18:34:33.0967 0x0e34 msahci - ok 18:34:33.0971 0x0e34 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 
18:34:33.0977 0x0e34 msdsm - ok 18:34:33.0985 0x0e34 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 18:34:33.0993 0x0e34 MSDTC - ok 18:34:33.0997 0x0e34 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:34:34.0014 0x0e34 Msfs - ok 18:34:34.0017 0x0e34 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:34:34.0034 0x0e34 mshidkmdf - ok 18:34:34.0036 0x0e34 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:34:34.0041 0x0e34 msisadrv - ok 18:34:34.0051 0x0e34 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:34:34.0070 0x0e34 MSiSCSI - ok 18:34:34.0072 0x0e34 msiserver - ok 18:34:34.0074 0x0e34 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:34:34.0092 0x0e34 MSKSSRV - ok 18:34:34.0095 0x0e34 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:34:34.0112 0x0e34 MSPCLOCK - ok 18:34:34.0114 0x0e34 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:34:34.0131 0x0e34 MSPQM - ok 18:34:34.0147 0x0e34 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:34:34.0157 0x0e34 MsRPC - ok 18:34:34.0160 0x0e34 [ 0EED230E37515A0EAEE3C2E1BC97B288, 
B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:34:34.0165 0x0e34 mssmbios - ok
18:34:38.0208 0x0e34 [ 5F9D855554A29427B2C2F594D4594B8C, 7FC769E154F0038830E1625529065587C1D7CFE9858E02B496B15D8E6EA35C85 ] serversu C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe
18:34:38.0212 0x0e34 serversu - detected UnsignedFile.Multi.Generic ( 1 )
18:34:38.0579 0x0d6c Object send P2P result: true
18:34:40.0945 0x0e34 serversu ( UnsignedFile.Multi.Generic ) - warning
18:34:46.0436 0x0e34 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 18:34:46.0454 0x0e34 WerSvc - ok 18:34:46.0457 0x0e34 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:34:46.0475 0x0e34 WfpLwf - ok 18:34:46.0478 0x0e34 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:34:46.0483 0x0e34 WIMMount - ok 18:34:46.0484 0x0e34 WinDefend - ok 18:34:46.0487 0x0e34 WinHttpAutoProxySvc - ok 18:34:46.0500 0x0e34 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:34:46.0520 0x0e34 Winmgmt - ok 18:34:46.0637 0x0e34 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 18:34:46.0683 0x0e34 WinRM - ok 18:34:46.0689 0x0e34 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 18:34:46.0696 0x0e34 WinUsb - ok 18:34:46.0731 0x0e34 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 18:34:46.0751 0x0e34 Wlansvc - ok 18:34:46.0755 0x0e34 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:34:46.0760 0x0e34 WmiAcpi - ok 18:34:46.0771 0x0e34 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:34:46.0779 0x0e34 wmiApSrv - ok 18:34:46.0781 0x0e34 WMPNetworkSvc - ok 18:34:46.0783 0x0e34 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 
2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:34:46.0791 0x0e34 WPCSvc - ok 18:34:46.0798 0x0e34 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:34:46.0810 0x0e34 WPDBusEnum - ok 18:34:46.0814 0x0e34 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:34:46.0831 0x0e34 ws2ifsl - ok 18:34:46.0838 0x0e34 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 18:34:46.0848 0x0e34 wscsvc - ok 18:34:46.0849 0x0e34 WSearch - ok 18:34:46.0884 0x0e34 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 18:34:46.0922 0x0e34 wuauserv - ok 18:34:46.0930 0x0e34 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:34:46.0938 0x0e34 WudfPf - ok 18:34:46.0950 0x0e34 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:34:46.0958 0x0e34 WUDFRd - ok 18:34:46.0964 0x0e34 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:34:46.0971 0x0e34 wudfsvc - ok 18:34:46.0982 0x0e34 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 18:34:46.0993 0x0e34 WwanSvc - ok 18:34:46.0996 0x0e34 ================ Scan global =============================== 18:34:47.0000 0x0e34 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] 
C:\Windows\system32\basesrv.dll 18:34:47.0011 0x0e34 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 18:34:47.0024 0x0e34 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 18:34:47.0030 0x0e34 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 18:34:47.0047 0x0e34 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 18:34:47.0051 0x0e34 [ Global ] - ok 18:34:47.0051 0x0e34 ================ Scan MBR ================================== 18:34:47.0052 0x0e34 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:34:47.0083 0x0e34 \Device\Harddisk0\DR0 - ok 18:34:47.0084 0x0e34 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 18:34:47.0116 0x0e34 \Device\Harddisk1\DR1 - ok 18:34:47.0116 0x0e34 ================ Scan VBR ================================== 18:34:47.0117 0x0e34 [ 2585DC6C759B9B96F209E52FAB334A31 ] \Device\Harddisk0\DR0\Partition1 18:34:47.0118 0x0e34 \Device\Harddisk0\DR0\Partition1 - ok 18:34:47.0119 0x0e34 [ 879D84E81C2D29159C3750996CDB6DF3 ] \Device\Harddisk1\DR1\Partition1 18:34:47.0176 0x0e34 \Device\Harddisk1\DR1\Partition1 - ok 18:34:47.0177 0x0e34 ================ Scan generic autorun ====================== 18:34:47.0445 0x0e34 [ 2C1AF8733700FF54C48187797809DC35, AB8BD1BFAF4AB981EB98DDAF357EA77DFC1F434DD7DBDB5DB46649A794F8A309 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 18:34:47.0545 0x0e34 RTHDVCPL - ok 18:34:47.0555 0x0e34 [ ABB77FA17794F584967E364A09AF207F, D80A455AAB523481950508927E24FCCB7AEBE3976B64AA932FABEC93077F0FB6 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 18:34:47.0558 0x0e34 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 18:34:50.0219 0x0e34 
Detect skipped due to KSN trusted 18:34:50.0219 0x0e34 IAStorIcon - ok 18:34:50.0288 0x0e34 [ 51F760F54E2CBDE649B342DA35B713D2, EDE61A7F2D5C015404264521FD0578B18B079844B5BEC093D421E44BD87AB28E ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 18:34:50.0325 0x0e34 NvBackend - ok 18:34:50.0331 0x0e34 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 18:34:50.0338 0x0e34 ShadowPlay - ok 18:34:50.0367 0x0e34 [ 2EA91CA041F7A50D3C1BCFF9A9B6E103, EF00E0102E2CA8AFC1D2B3F4CA4B8A126B9DD413E9B0B7B100F9FDF291544FD6 ] C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe 18:34:50.0392 0x0e34 GamingKeyboard - detected UnsignedFile.Multi.Generic ( 1 ) 18:34:53.0136 0x0e34 GamingKeyboard ( UnsignedFile.Multi.Generic ) - warning 18:34:53.0136 0x0e34 Force sending object to P2P due to detect: C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe 18:34:56.0085 0x0e34 Object send P2P result: true 18:34:58.0819 0x0e34 [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 18:34:58.0843 0x0e34 avgnt - ok 18:34:58.0848 0x0e34 [ 22283306E9A33D4EB10F8B6C7499C30E, F527A3ED9816EE5C5A191A26A7D29A2CAFAB7DA3BAA3295FE0E8A2D44F0F5F45 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 18:34:58.0856 0x0e34 Avira Systray - ok 18:34:58.0932 0x0e34 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 18:34:58.0960 0x0e34 Sidebar - ok 18:34:58.0966 0x0e34 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 18:34:58.0976 0x0e34 mctadmin - ok 18:34:59.0051 0x0e34 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows 
Sidebar\Sidebar.exe 18:34:59.0078 0x0e34 Sidebar - ok 18:34:59.0084 0x0e34 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 18:34:59.0093 0x0e34 mctadmin - ok 18:34:59.0093 0x0e34 Waiting for KSN requests completion. In queue: 141 18:35:00.0093 0x0e34 Waiting for KSN requests completion. In queue: 141 18:35:01.0101 0x0e34 Waiting for KSN requests completion. In queue: 141 18:35:02.0146 0x0e34 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated ) 18:35:02.0177 0x0e34 Win FW state via NFP2: enabled 18:35:04.0907 0x0e34 ============================================================ 18:35:04.0907 0x0e34 Scan finished 18:35:04.0907 0x0e34 ============================================================ 18:35:04.0907 0x13ec Detected object count: 2 18:35:04.0907 0x13ec Actual detected object count: 2 18:40:21.0026 0x13ec serversu ( UnsignedFile.Multi.Generic ) - skipped by user 18:40:21.0026 0x13ec serversu ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:40:21.0026 0x13ec GamingKeyboard ( UnsignedFile.Multi.Generic ) - skipped by user 18:40:21.0026 0x13ec GamingKeyboard ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:52:15.0429 0x1354 Deinitialize success |
06.02.2015, 07:48 | #4 | |
/// the machine /// TB Trainer | Speech bubble for Windows updater (not from Microsoft) pops up Quote:
Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator".
For example: C:\TDSSKiller.<version_date_time>log.txt Please post the contents here in your thread.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
06.02.2015, 16:50 | #5 |
| Speech bubble for Windows updater (not from Microsoft) pops up Code:
16:41:50.0928 0x0c40 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:41:54.0735 0x0c40 ============================================================
16:41:54.0735 0x0c40 Current date / time: 2015/02/06 16:41:54.0735
16:41:54.0735 0x0c40 SystemInfo:
16:41:54.0735 0x0c40
16:41:54.0735 0x0c40 OS Version: 6.1.7601 ServicePack: 1.0
16:41:54.0735 0x0c40 Product type: Workstation
16:41:54.0735 0x0c40 ComputerName: ADRIAN-PC
16:41:54.0735 0x0c40 UserName: Adrian
16:41:54.0735 0x0c40 Windows directory: C:\Windows
16:41:54.0735 0x0c40 System windows directory: C:\Windows
16:41:54.0735 0x0c40 Running under WOW64
16:41:54.0735 0x0c40 Processor architecture: Intel x64
16:41:54.0735 0x0c40 Number of processors: 4
16:41:54.0735 0x0c40 Page size: 0x1000
16:41:54.0735 0x0c40 Boot type: Normal boot
16:41:54.0735 0x0c40 ============================================================
16:41:54.0969 0x0c40 KLMD registered as C:\Windows\system32\drivers\39809809.sys
16:41:55.0062 0x0c40 System UUID: {EA3AF40E-A93A-5705-77FF-56025B71591C}
16:41:55.0281 0x0c40 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:55.0281 0x0c40 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:55.0281 0x0c40 ============================================================
16:41:55.0281 0x0c40 \Device\Harddisk0\DR0:
16:41:55.0281 0x0c40 MBR partitions:
16:41:55.0281 0x0c40 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93BB0
16:41:55.0281 0x0c40 \Device\Harddisk1\DR1:
16:41:55.0281 0x0c40 MBR partitions:
16:41:55.0281 0x0c40 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:41:55.0281 0x0c40 ============================================================
16:41:55.0281 0x0c40 C: <-> \Device\Harddisk0\DR0\Partition1
16:41:55.0281 0x0c40 D: <-> \Device\Harddisk1\DR1\Partition1
16:41:55.0281 0x0c40 ============================================================
16:41:55.0281 0x0c40 Initialize success
16:41:55.0281 0x0c40 ============================================================
16:42:28.0618 0x10f4 ============================================================
16:42:28.0618 0x10f4 Scan started
16:42:28.0618 0x10f4 Mode: Manual;
16:42:28.0618 0x10f4 ============================================================
16:42:28.0618 0x10f4 KSN ping started
16:42:42.0424 0x10f4 KSN ping finished: true
16:42:42.0549 0x10f4 ================ Scan system memory ========================
16:42:42.0549 0x10f4 System memory - ok
16:42:42.0549 0x10f4 ================ Scan services =============================
549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:42:43.0781 0x10f4 FileInfo - ok 16:42:43.0781 0x10f4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:42:43.0781 0x10f4 Filetrace - ok 16:42:43.0781 0x10f4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 16:42:43.0781 0x10f4 flpydisk - ok 16:42:43.0797 0x10f4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:42:43.0812 0x10f4 FltMgr - ok 16:42:43.0844 0x10f4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 16:42:43.0859 0x10f4 FontCache - ok 16:42:43.0859 0x10f4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:42:43.0859 0x10f4 FontCache3.0.0.0 - ok 16:42:43.0859 0x10f4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:42:43.0859 0x10f4 FsDepends - ok 16:42:43.0859 0x10f4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:42:43.0859 0x10f4 Fs_Rec - ok 16:42:43.0875 0x10f4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:42:43.0875 0x10f4 fvevol - ok 16:42:43.0875 0x10f4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx 
C:\Windows\system32\drivers\gagp30kx.sys 16:42:43.0875 0x10f4 gagp30kx - ok 16:42:43.0890 0x10f4 [ F5D15F93007259AFD6FC2DEC420132A1, EB1B5D0478861AC038A7E0CD7317EFA836DDBD66B1419067B5DD75CE924421BA ] GameKB C:\Windows\system32\drivers\GameKB.sys 16:42:43.0890 0x10f4 GameKB - ok 16:42:43.0922 0x10f4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 16:42:43.0922 0x10f4 gpsvc - ok 16:42:43.0937 0x10f4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:42:43.0937 0x10f4 hcw85cir - ok 16:42:43.0953 0x10f4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:42:43.0953 0x10f4 HdAudAddService - ok 16:42:43.0953 0x10f4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 16:42:43.0953 0x10f4 HDAudBus - ok 16:42:43.0968 0x10f4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 16:42:43.0968 0x10f4 HidBatt - ok 16:42:43.0968 0x10f4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 16:42:43.0968 0x10f4 HidBth - ok 16:42:43.0968 0x10f4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 16:42:43.0968 0x10f4 HidIr - ok 16:42:43.0968 0x10f4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 16:42:43.0968 0x10f4 hidserv - ok 16:42:43.0968 0x10f4 [ 9592090A7E2B61CD582B612B6DF70536, 
FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:42:43.0984 0x10f4 HidUsb - ok 16:42:43.0984 0x10f4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:42:43.0984 0x10f4 hkmsvc - ok 16:42:44.0000 0x10f4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:42:44.0000 0x10f4 HomeGroupListener - ok 16:42:44.0015 0x10f4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:42:44.0015 0x10f4 HomeGroupProvider - ok 16:42:44.0015 0x10f4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:42:44.0015 0x10f4 HpSAMD - ok 16:42:44.0046 0x10f4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:42:44.0062 0x10f4 HTTP - ok 16:42:44.0062 0x10f4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:42:44.0062 0x10f4 hwpolicy - ok 16:42:44.0062 0x10f4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 16:42:44.0062 0x10f4 i8042prt - ok 16:42:44.0078 0x10f4 [ 96FBFC177A603840FFDF059EEB804176, A83FB1DF4B3DF774D44305B6CA566338FD95D937CA53E266A40E2DE19EFC6AB6 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 16:42:44.0078 0x10f4 iaStorA - ok 16:42:44.0078 0x10f4 [ ED45EB18204F5211310E2596B7418BED, 407929394175454DDBE87A34D53EC19E1D56A162BF868A1CF9F2DE776789FBFC ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage 
Technology\IAStorDataMgrSvc.exe 16:42:44.0078 0x10f4 IAStorDataMgrSvc - ok 16:42:44.0093 0x10f4 [ 7B9E39DB30155E0A71B97AAB038E5F24, D56BC1D31A5B9555AA4E7AB2CAC224361F9F74263E2D6969292893184689D430 ] iaStorF C:\Windows\system32\drivers\iaStorF.sys 16:42:44.0093 0x10f4 iaStorF - ok 16:42:44.0093 0x10f4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:42:44.0093 0x10f4 iaStorV - ok 16:42:44.0109 0x10f4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:42:44.0124 0x10f4 idsvc - ok 16:42:44.0124 0x10f4 IEEtwCollectorService - ok 16:42:44.0124 0x10f4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 16:42:44.0124 0x10f4 iirsp - ok 16:42:44.0202 0x10f4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 16:42:44.0218 0x10f4 IKEEXT - ok 16:42:44.0405 0x10f4 [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 16:42:44.0452 0x10f4 IntcAzAudAddService - ok 16:42:44.0468 0x10f4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 16:42:44.0468 0x10f4 intelide - ok 16:42:44.0468 0x10f4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 16:42:44.0468 0x10f4 intelppm - ok 16:42:44.0468 0x10f4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 
16:42:44.0468 0x10f4 IPBusEnum - ok 16:42:44.0483 0x10f4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:42:44.0483 0x10f4 IpFilterDriver - ok 16:42:44.0514 0x10f4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:42:44.0514 0x10f4 iphlpsvc - ok 16:42:44.0514 0x10f4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:42:44.0514 0x10f4 IPMIDRV - ok 16:42:44.0530 0x10f4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:42:44.0530 0x10f4 IPNAT - ok 16:42:44.0530 0x10f4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:42:44.0530 0x10f4 IRENUM - ok 16:42:44.0530 0x10f4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:42:44.0530 0x10f4 isapnp - ok 16:42:44.0546 0x10f4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:42:44.0546 0x10f4 iScsiPrt - ok 16:42:44.0546 0x10f4 [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT C:\Windows\system32\drivers\ISCTD64.sys 16:42:44.0546 0x10f4 ISCT - ok 16:42:44.0546 0x10f4 [ 3AD2F2F5D891FD49F9305D394BCF7A54, 7567F0DF0E527BAC1651A4A39B5252AF2B1F186B5FD4F0122B3B30207972F0E4 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys 16:42:44.0546 0x10f4 iusb3hcs - ok 16:42:44.0561 0x10f4 [ F7248248D3F126E07E22193F3E5DDF77, 
A11FD50CFE329B4AE07387A31581BC01A972917F451C4257CDB45F818074EE9B ] iusb3hub C:\Windows\system32\drivers\iusb3hub.sys 16:42:44.0561 0x10f4 iusb3hub - ok 16:42:44.0577 0x10f4 [ AF7F994D4E9C37D54E9CDB6880D83205, A74F99786BC302101B4BEDEF543DBE85D75A2B1FEC6B4513626E6B941EF8D6A9 ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys 16:42:44.0577 0x10f4 iusb3xhc - ok 16:42:44.0577 0x10f4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:42:44.0577 0x10f4 kbdclass - ok 16:42:44.0592 0x10f4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:42:44.0592 0x10f4 kbdhid - ok 16:42:44.0592 0x10f4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 16:42:44.0592 0x10f4 KeyIso - ok 16:42:44.0592 0x10f4 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:42:44.0592 0x10f4 KSecDD - ok 16:42:44.0608 0x10f4 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:42:44.0608 0x10f4 KSecPkg - ok 16:42:44.0608 0x10f4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:42:44.0608 0x10f4 ksthunk - ok 16:42:44.0624 0x10f4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 16:42:44.0639 0x10f4 KtmRm - ok 16:42:44.0639 0x10f4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:42:44.0639 0x10f4 LanmanServer - ok 16:42:44.0655 
0x10f4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:42:44.0655 0x10f4 LanmanWorkstation - ok 16:42:44.0655 0x10f4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:42:44.0655 0x10f4 lltdio - ok 16:42:44.0686 0x10f4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:42:44.0686 0x10f4 lltdsvc - ok 16:42:44.0686 0x10f4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:42:44.0686 0x10f4 lmhosts - ok 16:42:44.0686 0x10f4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:42:44.0702 0x10f4 LSI_FC - ok 16:42:44.0702 0x10f4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:42:44.0702 0x10f4 LSI_SAS - ok 16:42:44.0702 0x10f4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:42:44.0702 0x10f4 LSI_SAS2 - ok 16:42:44.0702 0x10f4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:42:44.0702 0x10f4 LSI_SCSI - ok 16:42:44.0717 0x10f4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 16:42:44.0717 0x10f4 luafv - ok 16:42:44.0717 0x10f4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 
16:42:44.0717 0x10f4 Mcx2Svc - ok 16:42:44.0717 0x10f4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 16:42:44.0717 0x10f4 megasas - ok 16:42:44.0733 0x10f4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:42:44.0733 0x10f4 MegaSR - ok 16:42:44.0733 0x10f4 [ 8751062F2F7EC78DE92D778A08099DDE, F10BE771FF9E02A51CF3A167BB967167DE4F66647D7F1508CB27D8FDD8623700 ] MEIx64 C:\Windows\system32\drivers\TeeDriverx64.sys 16:42:44.0733 0x10f4 MEIx64 - ok 16:42:44.0748 0x10f4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 16:42:44.0748 0x10f4 MMCSS - ok 16:42:44.0748 0x10f4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 16:42:44.0748 0x10f4 Modem - ok 16:42:44.0748 0x10f4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:42:44.0748 0x10f4 monitor - ok 16:42:44.0748 0x10f4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:42:44.0748 0x10f4 mouclass - ok 16:42:44.0748 0x10f4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:42:44.0748 0x10f4 mouhid - ok 16:42:44.0764 0x10f4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:42:44.0764 0x10f4 mountmgr - ok 16:42:44.0764 0x10f4 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] 
MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:42:44.0764 0x10f4 MozillaMaintenance - ok 16:42:44.0780 0x10f4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 16:42:44.0780 0x10f4 mpio - ok 16:42:44.0780 0x10f4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:42:44.0780 0x10f4 mpsdrv - ok 16:42:44.0826 0x10f4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:42:44.0842 0x10f4 MpsSvc - ok 16:42:44.0842 0x10f4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:42:44.0842 0x10f4 MRxDAV - ok 16:42:44.0858 0x10f4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:42:44.0858 0x10f4 mrxsmb - ok 16:42:44.0873 0x10f4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:42:44.0873 0x10f4 mrxsmb10 - ok 16:42:44.0873 0x10f4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:42:44.0873 0x10f4 mrxsmb20 - ok 16:42:44.0873 0x10f4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 16:42:44.0889 0x10f4 msahci - ok 16:42:44.0889 0x10f4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:42:44.0889 0x10f4 msdsm - ok 16:42:44.0889 0x10f4 [ 
DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 16:42:44.0889 0x10f4 MSDTC - ok 16:42:44.0904 0x10f4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:42:44.0904 0x10f4 Msfs - ok 16:42:44.0904 0x10f4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:42:44.0904 0x10f4 mshidkmdf - ok 16:42:44.0904 0x10f4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:42:44.0904 0x10f4 msisadrv - ok 16:42:44.0920 0x10f4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:42:44.0920 0x10f4 MSiSCSI - ok 16:42:44.0920 0x10f4 msiserver - ok 16:42:44.0920 0x10f4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:42:44.0920 0x10f4 MSKSSRV - ok 16:42:44.0920 0x10f4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:42:44.0920 0x10f4 MSPCLOCK - ok 16:42:44.0920 0x10f4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:42:44.0936 0x10f4 MSPQM - ok 16:42:44.0951 0x10f4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:42:44.0951 0x10f4 MsRPC - ok 16:42:44.0951 0x10f4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios 
C:\Windows\system32\drivers\mssmbios.sys 16:42:44.0951 0x10f4 mssmbios - ok 16:42:44.0951 0x10f4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:42:44.0951 0x10f4 MSTEE - ok 16:42:44.0951 0x10f4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 16:42:44.0951 0x10f4 MTConfig - ok 16:42:44.0967 0x10f4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 16:42:44.0967 0x10f4 Mup - ok 16:42:44.0982 0x10f4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 16:42:44.0998 0x10f4 napagent - ok 16:42:45.0014 0x10f4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:42:45.0014 0x10f4 NativeWifiP - ok 16:42:45.0060 0x10f4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 16:42:45.0060 0x10f4 NDIS - ok 16:42:45.0060 0x10f4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:42:45.0060 0x10f4 NdisCap - ok 16:42:45.0076 0x10f4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:42:45.0076 0x10f4 NdisTapi - ok 16:42:45.0076 0x10f4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:42:45.0076 0x10f4 Ndisuio - ok 16:42:45.0076 0x10f4 [ 53F7305169863F0A2BDDC49E116C2E11, 
881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:42:45.0092 0x10f4 NdisWan - ok 16:42:45.0092 0x10f4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:42:45.0092 0x10f4 NDProxy - ok 16:42:45.0092 0x10f4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:42:45.0092 0x10f4 NetBIOS - ok 16:42:45.0107 0x10f4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:42:45.0107 0x10f4 NetBT - ok 16:42:45.0107 0x10f4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 16:42:45.0107 0x10f4 Netlogon - ok 16:42:45.0123 0x10f4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 16:42:45.0138 0x10f4 Netman - ok 16:42:45.0138 0x10f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:42:45.0138 0x10f4 NetMsmqActivator - ok 16:42:45.0154 0x10f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:42:45.0154 0x10f4 NetPipeActivator - ok 16:42:45.0185 0x10f4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 16:42:45.0185 0x10f4 netprofm - ok 16:42:45.0185 0x10f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:42:45.0201 0x10f4 NetTcpActivator - ok 16:42:45.0201 0x10f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:42:45.0201 0x10f4 NetTcpPortSharing - ok 16:42:45.0201 0x10f4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:42:45.0201 0x10f4 nfrd960 - ok 16:42:45.0216 0x10f4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 16:42:45.0216 0x10f4 NlaSvc - ok 16:42:45.0216 0x10f4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:42:45.0216 0x10f4 Npfs - ok 16:42:45.0232 0x10f4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 16:42:45.0232 0x10f4 nsi - ok 16:42:45.0232 0x10f4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:42:45.0232 0x10f4 nsiproxy - ok 16:42:45.0326 0x10f4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:42:45.0357 0x10f4 Ntfs - ok 16:42:45.0357 0x10f4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 16:42:45.0357 0x10f4 Null - ok 16:42:45.0372 0x10f4 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 16:42:45.0372 0x10f4 NVHDA - ok 16:42:45.0918 0x10f4 [ 
DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 16:42:50.0271 0x10f4 ShadowPlay - ok 16:42:50.0286 0x10f4 [ 2EA91CA041F7A50D3C1BCFF9A9B6E103, EF00E0102E2CA8AFC1D2B3F4CA4B8A126B9DD413E9B0B7B100F9FDF291544FD6 ] C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe 16:42:50.0318 0x10f4 GamingKeyboard - ok 16:42:50.0318 0x10f4 [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 16:42:50.0333 0x10f4 avgnt - ok 16:42:50.0333 0x10f4 [ 22283306E9A33D4EB10F8B6C7499C30E, F527A3ED9816EE5C5A191A26A7D29A2CAFAB7DA3BAA3295FE0E8A2D44F0F5F45 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 16:42:50.0333 0x10f4 Avira Systray - ok 16:42:50.0427 0x10f4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 16:42:50.0442 0x10f4 Sidebar - ok 16:42:50.0442 0x10f4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 16:42:50.0442 0x10f4 mctadmin - ok 16:42:50.0536 0x10f4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 16:42:50.0567 0x10f4 Sidebar - ok 16:42:50.0567 0x10f4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 16:42:50.0567 0x10f4 mctadmin - ok 16:42:50.0567 0x10f4 Waiting for KSN requests completion. In queue: 228 16:42:51.0581 0x10f4 Waiting for KSN requests completion. In queue: 228 16:42:52.0595 0x10f4 Waiting for KSN requests completion. In queue: 228 16:42:53.0328 0x0e60 Object required for P2P: [ B6A58491307B4CADA572583D863DC602 ] ProfSvc 16:42:53.0609 0x10f4 Waiting for KSN requests completion. 
In queue: 193 16:42:54.0623 0x10f4 Waiting for KSN requests completion. In queue: 193 16:42:55.0637 0x10f4 Waiting for KSN requests completion. In queue: 193 16:42:56.0214 0x0e60 Object send P2P result: true 16:42:56.0230 0x0e60 Object required for P2P: [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid 16:42:56.0651 0x10f4 Waiting for KSN requests completion. In queue: 81 16:42:57.0665 0x10f4 Waiting for KSN requests completion. In queue: 81 16:42:58.0679 0x10f4 Waiting for KSN requests completion. In queue: 81 16:42:59.0100 0x0e60 Object send P2P result: true 16:42:59.0693 0x10f4 Waiting for KSN requests completion. In queue: 33 16:43:00.0707 0x10f4 Waiting for KSN requests completion. In queue: 33 16:43:01.0721 0x10f4 Waiting for KSN requests completion. In queue: 33 16:43:02.0735 0x10f4 Waiting for KSN requests completion. In queue: 33 16:43:03.0749 0x10f4 Waiting for KSN requests completion. In queue: 33 16:43:04.0763 0x10f4 Waiting for KSN requests completion. In queue: 33 16:43:05.0777 0x10f4 Waiting for KSN requests completion. In queue: 33 16:43:06.0791 0x10f4 Waiting for KSN requests completion. In queue: 33 16:43:07.0540 0x073c Object send P2P result: false 16:43:07.0805 0x10f4 Waiting for KSN requests completion. In queue: 26 16:43:08.0819 0x10f4 Waiting for KSN requests completion. 
In queue: 26
16:43:09.0038 0x11d8 Object send P2P result: false
16:43:09.0849 0x10f4 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
16:43:09.0849 0x10f4 Win FW state via NFP2: enabled
16:43:12.0626 0x10f4 ============================================================
16:43:12.0626 0x10f4 Scan finished
16:43:12.0626 0x10f4 ============================================================
16:43:12.0626 0x0764 Detected object count: 0
16:43:12.0626 0x0764 Actual detected object count: 0
16:43:20.0940 0x117c Deinitialize success

PS: I neither found a checkbox for Cure, nor was there a reboot after I clicked continue. |
07.02.2015, 11:30 | #6 |
/// the machine /// TB-Ausbilder |
We are not done yet.
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please disable your security software to avoid possible conflicts.
And a fresh FRST log, please.
|
07.02.2015, 23:38 | #7 |
| Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 07.02.2015 Suchlauf-Zeit: 22:57:24 Logdatei: mbam.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.02.07.10 Rootkit Datenbank: v2015.02.03.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Adrian Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 332525 Verstrichene Zeit: 7 Min, 1 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 1 PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, In Quarantäne, [14fe42d80e7cbd7913d48d1ef50e6898], Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 19 PUP.Optional.SmootherWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\jetpack\jid1-U7omKQ6kQfxMaQ@jetpack, In Quarantäne, [b16199811377aa8c21c1e4971ee5cb35], PUP.Optional.SmootherWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\jetpack\jid1-U7omKQ6kQfxMaQ@jetpack\simple-storage, In Quarantäne, [b16199811377aa8c21c1e4971ee5cb35], PUP.Optional.GUPlayer.A, C:\PROGRAM FILES (X86)\GU Player, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player, In Quarantäne, [a07235e58dfd0234aaa67015a0636c94], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack, In Quarantäne, 
[01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\defaults, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\defaults\preferences, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\locale, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\addon-sdk, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\addon-sdk\lib, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\livecharity, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\livecharity\data, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\livecharity\data\fonts, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, 
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\livecharity\data\img, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\data, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\lib, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\tests, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], Dateien: 29 PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\Uninstaller.exe, In Quarantäne, [d73b31e94c3e0333fa8328f130d2c739], PUP.Optional.Solimba, C:\Users\Adrian\Downloads\Microsoft%20Word.exe, In Quarantäne, [1200d446fa9070c650cc779e5ba7ec14], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\avcodec-54.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\avdevice-54.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\avformat-54.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\avutil-51.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\GuPlayer.exe, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files 
(x86)\GU Player\libfreetype-6.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\libpng15-15.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\postproc-52.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\SDL.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\SDL_image.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\SDL_ttf.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\swresample-0.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\swscale-2.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\zlib1.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], PUP.Optional.GUPlayer.A, C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player\GU Player.lnk, In Quarantäne, [a07235e58dfd0234aaa67015a0636c94], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\.buildpath, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\.project, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\bootstrap.js, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, 
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\harness-options.json, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\icon.png, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\icon64.png, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\install.rdf, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\locales.json, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\defaults\preferences\prefs.js, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\data\easylist.txt, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\lib\main.js, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\lib\main.js-backup, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter
# AdwCleaner v4.110 - Bericht erstellt 07/02/2015 um 23:25:23
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Adrian - ADRIAN-PC
# Gestarted von : C:\Users\Adrian\Downloads\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\737bcb150000081b

***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Super Optimizer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v35.0.1 (x86 de)

*************************

AdwCleaner[R0].txt - [1375 Bytes] - [07/02/2015 23:08:24]
AdwCleaner[R1].txt - [1434 Bytes] - [07/02/2015 23:24:54]
AdwCleaner[S0].txt - [1242 Bytes] - [07/02/2015 23:25:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1301 Bytes] ##########

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Adrian on 07.02.2015 at 23:28:38,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

~~~ FireFox
Successfully deleted: [File] C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\nw9ljsvn.default\searchplugins\avira-safesearch.xml
Successfully deleted the following from C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\nw9ljsvn.default\prefs.js
user_pref("avira.safe_search.search_was_active", "true");
Emptied folder: C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\nw9ljsvn.default\minidumps [26 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.02.2015 at 23:30:05,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015 Ran by Adrian (administrator) on ADRIAN-PC on 07-02-2015 23:30:49 Running from C:\Users\Adrian\Downloads Loaded Profiles: Adrian (Available profiles: Adrian) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\System32\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-06] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {b9e95629-6a8c-11e4-96a5-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {e738d354-2979-11e4-b5ff-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {f1df56f7-47c6-11e4-8f77-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 
15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 FireFox: ======== FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default FF Homepage: https://www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web 
Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-maps.xml FF Extension: Avira Browser Safety - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\Extensions\abs@avira.com [2015-02-03] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [807672 2014-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-16] (Avira Operations GmbH & Co. 
KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-03-06] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-21] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-21] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-09-26] (Avira Operations GmbH & Co. 
KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-07] (Disc Soft Ltd) S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation) R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] () R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-02-26] (Intel Corporation) R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-02-09] () R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation ) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-07 23:30 - 2015-02-07 23:30 - 00001153 _____ () C:\Users\Adrian\Desktop\JRT.txt 2015-02-07 23:30 - 2015-02-07 23:30 - 00000000 ____D () C:\Users\Adrian\Downloads\FRST-OlderVersion 2015-02-07 23:26 - 2015-02-07 23:26 - 00001381 _____ () C:\Users\Adrian\Desktop\AdwCleaner[S0].txt 2015-02-07 23:06 - 2015-02-07 23:06 - 00009937 _____ () C:\Users\Adrian\Desktop\mbam.txt 2015-02-07 23:03 - 2015-02-07 23:03 - 01388274 _____ (Thisisu) C:\Users\Adrian\Downloads\JRT.exe 2015-02-07 23:01 - 2015-02-07 23:25 - 00000000 ____D () C:\AdwCleaner 2015-02-07 23:01 - 2015-02-07 23:01 - 02112512 _____ () C:\Users\Adrian\Downloads\AdwCleaner_4.110.exe 2015-02-07 22:56 - 2015-02-07 22:56 - 00001122 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-02-07 22:55 - 2015-02-07 22:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028(1).exe 2015-02-05 18:32 - 2015-02-05 18:32 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Adrian\Downloads\tdsskiller.exe 2015-02-05 18:23 - 2015-02-07 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-02-05 18:22 - 2015-02-05 18:30 - 00000000 ____D () C:\Users\Adrian\Desktop\mbar 2015-02-05 18:22 - 2015-02-05 18:22 - 16466552 _____ (Malwarebytes Corp.) 
C:\Users\Adrian\Downloads\mbar-1.08.3.1004.exe 2015-02-05 07:56 - 2015-02-05 07:56 - 00380416 _____ () C:\Users\Adrian\Downloads\vpl5fhzr.exe 2015-02-05 07:55 - 2015-02-07 23:30 - 00012969 _____ () C:\Users\Adrian\Downloads\FRST.txt 2015-02-05 07:55 - 2015-02-07 23:30 - 00000000 ____D () C:\FRST 2015-02-05 07:55 - 2015-02-05 07:56 - 00021961 _____ () C:\Users\Adrian\Downloads\Addition.txt 2015-02-05 07:54 - 2015-02-07 23:30 - 02132992 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe 2015-02-05 07:53 - 2015-02-05 07:53 - 00000544 _____ () C:\Users\Adrian\Downloads\defogger_disable.log 2015-02-05 07:53 - 2015-02-05 07:53 - 00000168 _____ () C:\Users\Adrian\defogger_reenable 2015-02-05 07:52 - 2015-02-05 07:52 - 00050477 _____ () C:\Users\Adrian\Downloads\Defogger.exe 2015-01-30 02:39 - 2015-01-30 02:39 - 00001222 _____ () C:\DelFix.txt 2015-01-30 02:39 - 2015-01-30 02:39 - 00000000 ____D () C:\Windows\ERUNT 2015-01-30 01:15 - 2015-02-06 16:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-30 01:15 - 2015-02-06 16:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-30 01:15 - 2015-01-30 01:15 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Adobe 2015-01-28 15:06 - 2015-01-28 15:06 - 00000000 __RHD () C:\MSOCache 2015-01-28 15:04 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\Documents\Benutzerdefinierte Office-Vorlagen 2015-01-28 14:58 - 2015-01-28 14:58 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Microsoft Help 2015-01-28 14:51 - 2015-01-28 14:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\MicrosoftFixit.wu.LB.134588027784228.1.1.Run.exe 2015-01-28 14:38 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Firefox-improver 2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 
_____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-01-28 14:32 - 2015-01-28 14:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive 2015-01-28 14:31 - 2015-01-28 15:00 - 00002210 _____ () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ___RD () C:\Users\Adrian\OneDrive 2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2015-01-28 14:30 - 2015-01-28 18:45 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-01-28 14:30 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-01-28 14:29 - 2015-01-28 14:30 - 01064632 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\Setup.X86.de-DE_O365HomePremRetail_c45264ce-a25c-46e7-ab4e-e8f594a0467d_TX_DB_.exe 2015-01-28 14:21 - 2015-01-28 14:21 - 00668376 _____ (Blue Labs, LLC) C:\Users\Adrian\Downloads\FreeEditor.exe 2015-01-28 13:20 - 2015-01-28 13:20 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-28 02:49 - 2015-01-28 02:49 - 00009094 _____ () C:\Users\Adrian\Documents\a.txt 2015-01-28 02:22 - 2015-02-07 22:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-28 02:22 - 2015-02-07 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-28 02:22 - 2015-02-07 22:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-28 02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-28 02:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-28 02:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\mwac.sys 2015-01-28 02:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-28 02:21 - 2015-01-28 02:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028.exe 2015-01-27 23:41 - 2015-01-27 23:42 - 00014648 _____ () C:\Users\Adrian\Documents\Ereignisse.txt 2015-01-27 23:23 - 2015-01-27 23:23 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1 (1).exe 2015-01-27 23:23 - 2015-01-27 23:23 - 00001179 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-27 23:23 - 2015-01-27 23:23 - 00001167 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-27 23:23 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-27 23:22 - 2015-01-27 23:22 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1.exe 2015-01-27 23:21 - 2015-01-27 23:21 - 00000000 __SHD () C:\Users\Adrian\AppData\Local\EmieBrowserModeList 2015-01-27 05:14 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2015-01-26 02:15 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-26 02:15 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-26 02:15 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-26 02:15 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-26 02:15 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-26 02:15 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) 
C:\Windows\system32\srclient.dll 2015-01-26 02:15 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-26 02:15 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-26 02:15 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-26 02:15 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-26 02:15 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-26 02:15 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-26 02:15 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-07 23:26 - 2014-10-03 13:39 - 00062865 _____ () C:\Windows\setupact.log 2015-02-07 23:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-07 23:25 - 2014-10-24 06:49 - 00031580 _____ () C:\Windows\PFRO.log 2015-02-07 23:25 - 2014-08-19 18:57 - 01204429 _____ () C:\Windows\WindowsUpdate.log 2015-02-07 23:25 - 2014-08-15 08:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-02-07 22:38 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-07 22:38 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-07 01:13 - 2014-08-21 22:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client 2015-02-07 00:06 - 2014-08-19 19:53 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Battle.net 2015-02-06 23:11 - 2011-04-12 08:43 - 00700146 _____ () C:\Windows\system32\perfh007.dat 2015-02-06 23:11 - 2011-04-12 08:43 - 00149784 _____ () 
C:\Windows\system32\perfc007.dat 2015-02-06 23:11 - 2009-07-14 06:13 - 01622778 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-06 19:56 - 2014-08-19 19:52 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2015-02-06 16:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-02-05 07:53 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian 2015-01-30 02:31 - 2014-11-10 00:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2015-01-29 18:33 - 2014-10-01 18:16 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-01-29 18:33 - 2014-04-03 06:44 - 00000000 ____D () C:\ProgramData\Package Cache 2015-01-28 14:45 - 2009-07-14 05:45 - 00438272 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-28 14:38 - 2014-08-19 18:59 - 00111400 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-28 14:30 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian\AppData\Local\VirtualStore 2015-01-28 14:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-01-28 02:55 - 2014-08-19 19:29 - 00000000 ___RD () C:\Users\Adrian\Desktop\Programme 2015-01-28 02:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech 2015-01-26 03:01 - 2014-08-20 23:41 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-26 03:00 - 2014-08-20 23:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Files in the root of some directories ======= 2014-08-15 08:24 - 2014-08-15 08:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Adrian\AppData\Local\Temp\avgnt.exe C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe 
C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-05 19:32 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Antivirus Pro Erstellungsdatum der Reportdatei: Samstag, 7. Februar 2015 23:05 Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Adrian Stachowski Seriennummer : 2229046492-PEPWE-0000001 Plattform : Windows 7 Home Premium Windowsversion : (Service Pack 1) [6.1.7601] Boot Modus : Normal gebootet Benutzername : SYSTEM Computername : ADRIAN-PC Versionsinformationen: BUILD.DAT : 14.0.7.468 94169 Bytes 24.11.2014 10:23:00 AVSCAN.EXE : 14.0.7.462 1015544 Bytes 16.12.2014 18:47:55 AVSCANRC.DLL : 14.0.7.308 64304 Bytes 06.11.2014 08:37:56 LUKE.DLL : 14.0.7.462 60664 Bytes 16.12.2014 18:48:03 AVSCPLR.DLL : 14.0.7.440 93488 Bytes 16.12.2014 18:47:55 REPAIR.DLL : 14.0.7.412 366328 Bytes 16.12.2014 18:47:54 REPAIR.RDF : 1.0.4.60 704786 Bytes 05.02.2015 17:20:56 AVREG.DLL : 14.0.7.310 264952 Bytes 06.11.2014 08:37:56 AVLODE.DLL : 14.0.7.440 561456 Bytes 16.12.2014 18:47:51 AVLODE.RDF : 14.0.4.54 78895 Bytes 05.12.2014 20:41:15
Engineversion : 8.3.28.16 AEVDF.DLL : 8.3.1.6 133992 Bytes 20.08.2014 18:27:55 AESCRIPT.DLL : 8.2.2.54 550824 Bytes 06.02.2015 16:54:38 AESCN.DLL : 8.3.2.2 139456 Bytes 23.07.2014 11:29:06 AESBX.DLL : 8.2.20.24 1409224 Bytes 23.07.2014 11:29:06 AERDL.DLL : 8.2.1.16 743328 Bytes 29.10.2014 16:19:10 AEPACK.DLL : 8.4.0.58 789360 Bytes 26.01.2015 01:04:32 AEOFFICE.DLL : 8.3.1.10 351088 Bytes 26.01.2015 01:04:32 AEMOBILE.DLL : 8.1.2.0 277360 Bytes 16.12.2014 18:47:48 AEHEUR.DLL : 8.1.4.1522 8071080 Bytes 06.02.2015 16:54:38 AEHELP.DLL : 8.3.1.0 278728 Bytes 23.07.2014 11:29:06 AEGEN.DLL : 8.1.7.40 456608 Bytes 20.12.2014 16:49:01 AEEXP.DLL : 8.4.2.70 255904 Bytes 06.02.2015 16:54:38 AEEMU.DLL : 8.1.3.4 399264 Bytes 19.08.2014 23:08:11 AEDROID.DLL : 8.4.3.6 850800 Bytes 16.12.2014 18:47:48 AECORE.DLL : 8.3.4.0 243624 Bytes 16.12.2014 18:47:48 AEBB.DLL : 8.1.2.0 60448 Bytes 19.08.2014 23:08:10 AVWINLL.DLL : 14.0.7.308 25904 Bytes 06.11.2014 08:37:54 AVPREF.DLL : 14.0.7.308 52016 Bytes 06.11.2014 08:37:56 AVREP.DLL : 14.0.7.308 220976 Bytes 06.11.2014 08:37:56 AVARKT.DLL : 14.0.7.308 227632 Bytes 06.11.2014 08:37:54 AVEVTLOG.DLL : 14.0.7.440 184112 Bytes 16.12.2014 18:47:50 SQLITE3.DLL : 14.0.7.308 453936 Bytes 06.11.2014 08:38:03 AVSMTP.DLL : 14.0.7.308 79096 Bytes 06.11.2014 08:37:57 NETNT.DLL : 14.0.7.308 15152 Bytes 06.11.2014 08:38:02 RCIMAGE.DLL : 14.0.7.308 4888824 Bytes 06.11.2014 08:37:54 RCTEXT.DLL : 14.0.7.318 76080 Bytes 06.11.2014 08:37:54 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Vollständige Systemprüfung Konfigurationsdatei...................: c:\program files (x86)\avira\antivir desktop\sysscan.avp Protokollierung.......................: standard Primäre
Aktion........................: Interaktiv Sekundäre Aktion......................: Ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, D:, Durchsuche aktive Programme...........: ein Laufende Programme erweitert..........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: ein Integritätsprüfung von Systemdateien..: aus Prüfe alle Dateien....................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Beginn des Suchlaufs: Samstag, 7. Februar 2015 23:05 Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'HDD0(C:)' [INFO] Es wurde kein Virus gefunden! Bootsektor 'HDD1(D:)' [INFO] Es wurde kein Virus gefunden! Der Suchlauf nach versteckten Objekten wird begonnen. 
Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '94' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '114' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '155' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '78' Modul(e) wurden durchsucht Durchsuche Prozess 'spoolsv.exe' - '77' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '63' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'nvxdsync.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '143' Modul(e) wurden durchsucht Durchsuche Prozess 'SkypeC2CAutoUpdateSvc.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'SkypeC2CPNRSvc.exe' - '25' Modul(e) wurden durchsucht Durchsuche Prozess 'OfficeClickToRun.exe' - '91' Modul(e) wurden durchsucht Durchsuche Prozess 'NvNetworkService.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'nvstreamsvc.exe' - '60' Modul(e) wurden durchsucht Durchsuche Prozess 'PnkBstrA.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '127' Modul(e) wurden durchsucht Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'avmailc7.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'avwebg7.exe' - '70' Modul(e) wurden durchsucht Durchsuche Prozess 'nvstreamsvc.exe' - '71' Modul(e) wurden durchsucht Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht 
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '103' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'wmpnetwk.exe' - '119' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchIndexer.exe' - '66' Modul(e) wurden durchsucht Durchsuche Prozess 'nvstreamsvc.exe' - '85' Modul(e) wurden durchsucht Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht Durchsuche Prozess 'Dwm.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'taskhost.exe' - '67' Modul(e) wurden durchsucht Durchsuche Prozess 'Explorer.EXE' - '175' Modul(e) wurden durchsucht Durchsuche Prozess 'NvBackend.exe' - '66' Modul(e) wurden durchsucht Durchsuche Prozess 'RtkNGUI64.exe' - '45' Modul(e) wurden durchsucht Durchsuche Prozess 'GameMon.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '109' Modul(e) wurden durchsucht Durchsuche Prozess 'Avira.OE.Systray.exe' - '123' Modul(e) wurden durchsucht Durchsuche Prozess 'nvtray.exe' - '51' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht Durchsuche Prozess 'IAStorIcon.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'taskhost.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'firefox.exe' - '161' Modul(e) wurden durchsucht Durchsuche Prozess 'mbam.exe' - '132' Modul(e) wurden durchsucht Durchsuche Prozess 'AdwCleaner_4.110.exe' - '84' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '117' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchProtocolHost.exe' - '42' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchFilterHost.exe' - '30' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '124' Modul(e) wurden durchsucht Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden 
durchsucht
Durchsuche Prozess 'DllHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1301' Dateien ).

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <System>
C:\Users\Adrian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\954G0RFK\Setup[1].exe
  [FUND] Enthält Erkennungsmuster der Adware ADWARE/InstallCore.588455
Beginne mit der Suche in 'D:\' <Data1>

Beginne mit der Desinfektion:
C:\Users\Adrian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\954G0RFK\Setup[1].exe
  [FUND] Enthält Erkennungsmuster der Adware ADWARE/InstallCore.588455
  [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '53493eca.qua' verschoben!

Ende des Suchlaufs: Samstag, 7. Februar 2015 23:22
Benötigte Zeit: 15:22 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

50312 Verzeichnisse wurden überprüft
600767 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
600766 Dateien ohne Befall
4503 Archive wurden durchsucht
0 Warnungen
1 Hinweise
782570 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden |
08.02.2015, 11:38 | #8 |
/// the machine /// TB instructor | Speech bubble for Windows updater (not from Microsoft) pops up
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
08.02.2015, 19:57 | #9 |
| Speech bubble for Windows updater (not from Microsoft) pops up Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=44b1e72354ebc049928bd056d4f7569f
# engine=22191
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-28 05:10:50
# local_time=2015-01-28 06:10:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7617 174094900 0 0
# scanned=157197
# found=11
# cleaned=0
# scan_time=3769
sh=B98C851D46F6F34607DEC601FF82469DA350D9EC ft=1 fh=95a049650cc65f75 vn="Variante von Win64/Adware.Adpeak.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\004\rqpbhevlkc64.exe.vir"
sh=8B67C4946B050285FE89EFE36AB6DC2F7B3E2D2F ft=1 fh=d91722da20002316 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir"
sh=7ABFFAAC5A64F72C2675F588BFDD67C25C2A77A9 ft=1 fh=7f527dcaa4a2e4a3 vn="Variante von Win32/FirseriaInstaller.V evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe"
sh=86796560DB0AE55C365CEC423A5B78809AADC139 ft=1 fh=8c7a4ac81187f375 vn="Variante von Win32/OptimizerEliteMax.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\optprosetup.exe"
sh=68F71677C9DBAF71857BEBDF5A997C41468340B9 ft=1 fh=8936360fc9736a34 vn="Variante von Win32/FirseriaInstaller.V evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\n4516\GUSetup_ge-5cae4326.exe"
sh=5BDE683A0EE1839A2E41E9CB7162EE8670FCE802 ft=1 fh=ca9f6b2171b06cd9 vn="Variante von Win32/AdWare.SpeedingUpMyPC.P Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\n4516\OptimizerProInstaller.exe"
sh=701C731421B95DA078F8FB2D6942AC37C9FB83A8 ft=1 fh=2af9c47ac8a07022 vn="Variante von MSIL/Solimba.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\n4516\s4516.exe"
sh=701C731421B95DA078F8FB2D6942AC37C9FB83A8 ft=1 fh=2af9c47ac8a07022 vn="Variante von MSIL/Solimba.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\n5417\s5417.exe"
sh=9840C957D7EC5F8C4F43C018A01C7E34AE2ACFD1 ft=1 fh=38614386ad14ad13 vn="Variante von MSIL/Solimba.AK.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\Downloads\Microsoft%20Word.exe"
sh=0B547922EA789C01BAA87AA742F998F5C948A3AC ft=1 fh=1cd1321574700fd9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe"
sh=F3244CED9E174DEB4232C4517BE14F5EF2BDF21B ft=1 fh=23dcaa93e780676c vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\Windows\Temp\aaccee\aabbcc.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=44b1e72354ebc049928bd056d4f7569f
# engine=22365
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-08 06:25:53
# local_time=2015-02-08 07:25:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 159413 175049803 0 0
# scanned=153399
# found=2
# cleaned=0
# scan_time=1344
sh=6579AB75B6D1097A365AA2F2B1ED21A777AA4DF2 ft=1 fh=12b05cc00faf068d vn="Win32/VOPackage.BN evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\is45637729\2773280_stp\Generic_vo.exe"
sh=0B547922EA789C01BAA87AA742F998F5C948A3AC ft=1 fh=1cd1321574700fd9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe"
Code:
ATTFilter
Results of screen317's Security Check version 0.99.96
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 64-bit 8 Update 31
Adobe Flash Player 16.0.0.305
Mozilla Firefox (35.0.1)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015 Ran by Adrian (administrator) on ADRIAN-PC on 08-02-2015 19:55:19 Running from C:\Users\Adrian\Downloads Loaded Profiles: Adrian (Available profiles: Adrian) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\System32\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3733\Agent.exe (Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5522\Battle.net.exe () C:\Program Files (x86)\Hearthstone\Hearthstone.exe () C:\Users\Adrian\Downloads\SecurityCheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-06] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {b9e95629-6a8c-11e4-96a5-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {e738d354-2979-11e4-b5ff-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {f1df56f7-47c6-11e4-8f77-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 FireFox: ======== FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default FF Homepage: https://www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-maps.xml FF Extension: Avira Browser Safety - 
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\Extensions\abs@avira.com [2015-02-03] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [807672 2014-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-16] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. 
KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-03-06] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-21] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-21] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-26] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-26] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-09-26] (Avira Operations GmbH & Co. 
KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-07] (Disc Soft Ltd) S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation) R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] () R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-02-26] (Intel Corporation) R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-02-09] () R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation ) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-08 19:01 - 2015-02-08 19:01 - 00852594 _____ () C:\Users\Adrian\Downloads\SecurityCheck.exe 2015-02-08 19:00 - 2015-02-08 19:00 - 02347384 _____ (ESET) C:\Users\Adrian\Downloads\esetsmartinstaller_deu.exe 2015-02-07 23:30 - 2015-02-07 23:30 - 00001153 _____ () C:\Users\Adrian\Desktop\JRT.txt 2015-02-07 23:30 - 2015-02-07 23:30 - 00000000 ____D () C:\Users\Adrian\Downloads\FRST-OlderVersion 2015-02-07 23:26 - 2015-02-07 23:26 - 00001381 _____ () C:\Users\Adrian\Desktop\AdwCleaner[S0].txt 2015-02-07 23:06 - 2015-02-07 23:06 - 00009937 _____ () C:\Users\Adrian\Desktop\mbam.txt 2015-02-07 23:03 - 2015-02-07 23:03 - 01388274 _____ (Thisisu) C:\Users\Adrian\Downloads\JRT.exe 2015-02-07 23:01 - 2015-02-07 23:25 - 00000000 ____D () C:\AdwCleaner 2015-02-07 23:01 - 2015-02-07 23:01 - 02112512 _____ () C:\Users\Adrian\Downloads\AdwCleaner_4.110.exe 2015-02-07 22:56 - 2015-02-07 22:56 - 00001122 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-02-07 22:55 - 2015-02-07 22:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028(1).exe 2015-02-05 18:32 - 2015-02-05 18:32 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Adrian\Downloads\tdsskiller.exe 2015-02-05 18:23 - 2015-02-07 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-02-05 18:22 - 2015-02-05 18:30 - 00000000 ____D () C:\Users\Adrian\Desktop\mbar 2015-02-05 18:22 - 2015-02-05 18:22 - 16466552 _____ (Malwarebytes Corp.) 
C:\Users\Adrian\Downloads\mbar-1.08.3.1004.exe 2015-02-05 07:56 - 2015-02-05 07:56 - 00380416 _____ () C:\Users\Adrian\Downloads\vpl5fhzr.exe 2015-02-05 07:55 - 2015-02-08 19:55 - 00013478 _____ () C:\Users\Adrian\Downloads\FRST.txt 2015-02-05 07:55 - 2015-02-08 19:55 - 00000000 ____D () C:\FRST 2015-02-05 07:55 - 2015-02-05 07:56 - 00021961 _____ () C:\Users\Adrian\Downloads\Addition.txt 2015-02-05 07:54 - 2015-02-07 23:30 - 02132992 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe 2015-02-05 07:53 - 2015-02-05 07:53 - 00000544 _____ () C:\Users\Adrian\Downloads\defogger_disable.log 2015-02-05 07:53 - 2015-02-05 07:53 - 00000168 _____ () C:\Users\Adrian\defogger_reenable 2015-02-05 07:52 - 2015-02-05 07:52 - 00050477 _____ () C:\Users\Adrian\Downloads\Defogger.exe 2015-01-30 02:39 - 2015-01-30 02:39 - 00001222 _____ () C:\DelFix.txt 2015-01-30 02:39 - 2015-01-30 02:39 - 00000000 ____D () C:\Windows\ERUNT 2015-01-30 01:15 - 2015-02-06 16:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-30 01:15 - 2015-02-06 16:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-30 01:15 - 2015-01-30 01:15 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Adobe 2015-01-28 15:06 - 2015-01-28 15:06 - 00000000 __RHD () C:\MSOCache 2015-01-28 15:04 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\Documents\Benutzerdefinierte Office-Vorlagen 2015-01-28 14:58 - 2015-01-28 14:58 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Microsoft Help 2015-01-28 14:51 - 2015-01-28 14:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\MicrosoftFixit.wu.LB.134588027784228.1.1.Run.exe 2015-01-28 14:38 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Firefox-improver 2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 
_____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-01-28 14:32 - 2015-01-28 14:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive 2015-01-28 14:31 - 2015-01-28 15:00 - 00002210 _____ () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ___RD () C:\Users\Adrian\OneDrive 2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive 2015-01-28 14:30 - 2015-01-28 18:45 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-01-28 14:30 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-01-28 14:29 - 2015-01-28 14:30 - 01064632 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\Setup.X86.de-DE_O365HomePremRetail_c45264ce-a25c-46e7-ab4e-e8f594a0467d_TX_DB_.exe 2015-01-28 14:21 - 2015-01-28 14:21 - 00668376 _____ (Blue Labs, LLC) C:\Users\Adrian\Downloads\FreeEditor.exe 2015-01-28 13:20 - 2015-01-28 13:20 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-01-28 02:49 - 2015-01-28 02:49 - 00009094 _____ () C:\Users\Adrian\Documents\a.txt 2015-01-28 02:22 - 2015-02-07 22:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-28 02:22 - 2015-02-07 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-28 02:22 - 2015-02-07 22:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-28 02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-28 02:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-28 02:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\mwac.sys 2015-01-28 02:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-28 02:21 - 2015-01-28 02:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028.exe 2015-01-27 23:41 - 2015-01-27 23:42 - 00014648 _____ () C:\Users\Adrian\Documents\Ereignisse.txt 2015-01-27 23:23 - 2015-01-27 23:23 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1 (1).exe 2015-01-27 23:23 - 2015-01-27 23:23 - 00001179 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-01-27 23:23 - 2015-01-27 23:23 - 00001167 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-01-27 23:23 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-27 23:22 - 2015-01-27 23:22 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1.exe 2015-01-27 23:21 - 2015-01-27 23:21 - 00000000 __SHD () C:\Users\Adrian\AppData\Local\EmieBrowserModeList 2015-01-27 05:14 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2015-01-26 02:15 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-26 02:15 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-26 02:15 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-26 02:15 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-26 02:15 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-01-26 02:15 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) 
C:\Windows\system32\srclient.dll 2015-01-26 02:15 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-26 02:15 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-26 02:15 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-26 02:15 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-26 02:15 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-26 02:15 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-26 02:15 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-08 19:54 - 2014-08-19 19:53 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Battle.net 2015-02-08 18:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-02-08 18:00 - 2014-10-03 13:39 - 00063425 _____ () C:\Windows\setupact.log 2015-02-08 09:08 - 2011-04-12 08:43 - 00700146 _____ () C:\Windows\system32\perfh007.dat 2015-02-08 09:08 - 2011-04-12 08:43 - 00149784 _____ () C:\Windows\system32\perfc007.dat 2015-02-08 09:08 - 2009-07-14 06:13 - 01622778 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-08 09:08 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-02-08 09:08 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-02-08 09:01 - 2014-10-24 06:49 - 00031922 _____ () C:\Windows\PFRO.log 2015-02-08 09:01 - 2014-08-15 08:25 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-02-08 09:01 - 2009-07-14 06:08 - 00000006 ____H () 
C:\Windows\Tasks\SA.DAT 2015-02-08 05:10 - 2014-08-19 18:57 - 01228485 _____ () C:\Windows\WindowsUpdate.log 2015-02-07 01:13 - 2014-08-21 22:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client 2015-02-06 19:56 - 2014-08-19 19:52 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2015-02-05 07:53 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian 2015-01-30 02:31 - 2014-11-10 00:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2015-01-29 18:33 - 2014-10-01 18:16 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk 2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-01-29 18:33 - 2014-04-03 06:44 - 00000000 ____D () C:\ProgramData\Package Cache 2015-01-28 14:45 - 2009-07-14 05:45 - 00438272 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-28 14:38 - 2014-08-19 18:59 - 00111400 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-28 14:30 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian\AppData\Local\VirtualStore 2015-01-28 14:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-01-28 02:55 - 2014-08-19 19:29 - 00000000 ___RD () C:\Users\Adrian\Desktop\Programme 2015-01-28 02:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech 2015-01-26 03:01 - 2014-08-20 23:41 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-26 03:00 - 2014-08-20 23:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2014-08-15 08:24 - 2014-08-15 08:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Adrian\AppData\Local\Temp\avgnt.exe C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no 
automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-05 19:32 ==================== End Of Log ============================ --- --- --- No, at least no problems that I know of |
09.02.2015, 06:46 | #10 |
/// the machine /// TB trainer | Speech bubble for Windowsupdater (not from Microsoft) pops up Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
C:\AdwCleaner\Quarantine\C\Program Files\004\rqpbhevlkc64.exe.vir
C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir
C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe
C:\Users\Adrian\AppData\Local\Temp\optprosetup.exe
C:\Users\Adrian\AppData\Local\Temp\n4516\GUSetup_ge-5cae4326.exe
C:\Users\Adrian\AppData\Local\Temp\n4516\OptimizerProInstaller.exe
C:\Users\Adrian\AppData\Local\Temp\n4516\s4516.exe
C:\Users\Adrian\AppData\Local\Temp\n5417\s5417.exe
C:\Users\Adrian\Downloads\Microsoft%20Word.exe
C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
C:\Windows\Temp\aaccee\aabbcc.exe
C:\Users\Adrian\AppData\Local\Temp\is45637729\2773280_stp\Generic_vo.exe
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP) Bill Castner (MVP) Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
09.02.2015, 14:34 | #11 |
| Speech bubble for Windowsupdater (not from Microsoft) pops up Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by Adrian at 2015-02-09 14:27:53 Run:1
Running from C:\Users\Adrian\Downloads\FRST-OlderVersion\FRST-OlderVersion
Loaded Profiles: Adrian (Available profiles: Adrian)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\AdwCleaner\Quarantine\C\Program Files\004\rqpbhevlkc64.exe.vir
C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir
C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe
C:\Users\Adrian\AppData\Local\Temp\optprosetup.exe
C:\Users\Adrian\AppData\Local\Temp\n4516\GUSetup_ge-5cae4326.exe
C:\Users\Adrian\AppData\Local\Temp\n4516\OptimizerProInstaller.exe
C:\Users\Adrian\AppData\Local\Temp\n4516\s4516.exe
C:\Users\Adrian\AppData\Local\Temp\n5417\s5417.exe
C:\Users\Adrian\Downloads\Microsoft%20Word.exe
C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
C:\Windows\Temp\aaccee\aabbcc.exe
C:\Users\Adrian\AppData\Local\Temp\is45637729\2773280_stp\Generic_vo.exe
Emptytemp:
*****************
"C:\AdwCleaner\Quarantine\C\Program Files\004\rqpbhevlkc64.exe.vir" => File/Directory not found.
"C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir" => File/Directory not found.
"C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\optprosetup.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\n4516\GUSetup_ge-5cae4326.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\n4516\OptimizerProInstaller.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\n4516\s4516.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\n5417\s5417.exe" => File/Directory not found.
"C:\Users\Adrian\Downloads\Microsoft%20Word.exe" => File/Directory not found.
C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe => Moved successfully.
"C:\Windows\Temp\aaccee\aabbcc.exe" => File/Directory not found.
C:\Users\Adrian\AppData\Local\Temp\is45637729\2773280_stp\Generic_vo.exe => Moved successfully.
EmptyTemp: => Removed 706.4 MB temporary data.
The system needed a reboot.
==== End of Fixlog 14:28:16 ==== |
09.02.2015, 18:11 | #12 |
/// the machine /// TB trainer | Speech bubble for Windowsupdater (not from Microsoft) pops up done
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |