Pests of all kinds and how to fight them: PC hangs every few seconds & programs run slower (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
22.07.2015, 08:40 | #1 |
| PC hangs every few seconds & programs run slower

Since about the day before yesterday my PC has been hanging every few seconds, and all programs are running slower in general. Recently I downloaded 3 pictures via Google and a game (Trove) via Steam.

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-07-2015 Ran by peer (administrator) on PEER-PC on 22-07-2015 09:18:50 Running from C:\Users\peer\Desktop Loaded Profiles: peer (Available Profiles: peer) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser path: "C:\Users\peer\AppData\Local\BoBrowser\Application\bobrowser.exe" -- "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ClaraLabs) C:\Program Files\Common Files\ClaraUpdater\ClaraUpdater.exe (ClanServers Hosting LLC) C:\Program Files\GameTracker\GSInGameService.exe () C:\Program Files\WajIntEnhance\WajIntEnhance Internet Enhancer\InternetEnhancerService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (ClanServers Hosting LLC) C:\Program Files\GameTracker\GTLite.exe (AAA Internet Publishing, Inc.) C:\Program Files\WTFast Beta\WTFast.exe (WinZip Computing, S.L.) 
C:\Program Files\WinZip\WzPreloader.exe (Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow32.exe (AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe (Valve Corporation) C:\Program Files\Steam\Steam.exe (Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\plugin-nm-server.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-12-06] (Advanced Micro Devices, Inc.) HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [43871968 2015-06-26] (Dropbox, Inc.) 
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD) HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.) HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2895552 2015-07-21] (Valve Corporation) HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\...\Run: [GameTracker] => C:\Program Files\GameTracker\GTLite.exe [4019992 2013-12-19] (ClanServers Hosting LLC) HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\...\Run: [WTFast Tray] => C:\Program Files\WTFast Beta\WTFast.exe [4702296 2015-05-08] (AAA Internet Publishing, Inc.) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-01-07] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-07-04] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-07-04] ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420561021&from=cor&uid=WDCXWD2500AAJS-07M0A0_WD-WMAV2963090030900&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://myhome.vi-view.com/web/?type=ds&ts=1420561021&from=cor&uid=WDCXWD2500AAJS-07M0A0_WD-WMAV2963090030900&q={searchTerms} HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5H3z-5F1l27HhyU0OoTryrvFbsX6jim90UcD6M_QUitVg3K2_BuecGVRvARmle7zzwC2g3Oi7Xy5NLX51tajl8LnBtg4gxy40mkFFgKSpHz5VPteXqjtvxNZtQYj-Otd6MicaE1FNa9HG_7iSbTdgbw_&q={searchTerms} HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5H3z-5F1l27HhyU0OoTryrvFbsX6jim90UcD6M_QUitVg3K2_BuecGVRvARmle7zzwC2g3Oi7Xy5NLX51tajl8LnBtg4gxy40mkFFgKSpHz5VPteXqjtvxNZtQYj-Otd6MicaE1FNa9HG_7iSbTdgbw_&q={searchTerms} HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/ SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = SearchScopes: HKU\S-1-5-21-1044166359-3000482697-3890932768-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll 
[2014-12-23] (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-08] (Oracle Corporation) BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO: No Name -> {b608cc98-54de-4775-96c9-097de398500c} -> No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-08] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Winsock: Catalog9 01 C:\Windows\system32\abengine.dll [324592 2015-01-06] (Abengine) Winsock: Catalog9 02 C:\Windows\system32\abengine.dll [324592 2015-01-06] (Abengine) Winsock: Catalog9 03 C:\Windows\system32\abengine.dll [324592 2015-01-06] (Abengine) Winsock: Catalog9 04 C:\Windows\system32\abengine.dll [324592 2015-01-06] (Abengine) Winsock: Catalog9 15 C:\Windows\system32\abengine.dll [324592 2015-01-06] (Abengine) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{AD9157E6-1FCD-4207-A619-32915DF88733}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{CD409118-7BF1-4F7B-92F7-0D2B9D1CC9B8}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\peer\AppData\Roaming\Mozilla\Firefox\Profiles\5hp5imh4.default FF NetworkProxy: " type", 5 FF Plugin: 
@adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] () FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-08] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-08] (Oracle Corporation) FF Plugin: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-21] () FF Plugin: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-21] () FF Plugin: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-21] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF user.js: detected! 
=> C:\Users\peer\AppData\Roaming\Mozilla\Firefox\Profiles\5hp5imh4.default\user.js [2015-07-21] FF HKLM\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-02-21] FF HKLM\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-02-21] FF HKLM\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-02-21] FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found] Chrome: ======= CHR Profile: C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-06] CHR Extension: (Google Docs) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-06] CHR Extension: (Google Drive) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-06] CHR Extension: (YouTube) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-06] CHR Extension: (Agar.io Mods) - 
C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmofencpfjfladdmoiflekmblmhflbkp [2015-06-06] CHR Extension: (Adblock Plus) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-09] CHR Extension: (Google Search) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-06] CHR Extension: (Kaspersky Protection) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-02-21] CHR Extension: (Google Sheets) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-06] CHR Extension: (Floating YouTube™) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2015-07-21] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11] CHR Extension: (Google Wallet) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-06] CHR Extension: (Gmail) - C:\Users\peer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-06] CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.google.com/service/update2/crx ========================== Services (Whitelisted) 
================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] R2 AVP15.0.2; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [194000 2015-06-23] (Kaspersky Lab ZAO) S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [348032 2015-05-09] () R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 ClaraUpdater; C:\Program Files\Common Files\ClaraUpdater\ClaraUpdater.exe [926832 2015-07-17] (ClaraLabs) S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-09] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-09] (Dropbox, Inc.) R2 GS In-Game Service; C:\Program Files\GameTracker\GSInGameService.exe [1677080 2013-12-19] (ClanServers Hosting LLC) R2 Internet Enhancer Service; C:\Program Files\WajIntEnhance\WajIntEnhance Internet Enhancer\InternetEnhancerService.exe [477696 2015-02-03] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-22] (AVM Berlin) [File not signed] R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [197864 2015-06-23] (Kaspersky Lab UK Ltd) R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [586752 2010-10-22] (AVM GmbH) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [153784 2015-06-23] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [54640 2015-06-23] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [128728 2015-06-23] (Kaspersky Lab ZAO) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [44208 2015-07-01] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [705208 2015-06-23] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [34160 2015-06-23] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [36208 2015-06-23] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [35696 2015-06-23] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [23920 2015-06-23] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54328 2015-06-23] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [72560 2015-06-23] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [157240 2015-06-23] (Kaspersky Lab ZAO) R2 WtfEngineDrv; C:\Windows\System32\DRIVERS\WtfEngineDrv.sys [22784 2015-04-02] (AAA Internet Publishing, Inc.) S1 cherimoya; system32\drivers\cherimoya.sys [X] S3 cpuz134; \??\C:\Users\peer\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-22 09:18 - 2015-07-22 09:19 - 00026035 _____ C:\Users\peer\Desktop\FRST.txt 2015-07-22 09:18 - 2015-07-22 09:18 - 00000610 _____ C:\Users\peer\Downloads\FRST.txt 2015-07-22 09:18 - 2015-07-22 09:16 - 01638912 _____ (Farbar) C:\Users\peer\Desktop\FRST.exe 2015-07-22 09:17 - 2015-07-22 09:18 - 00000000 ____D C:\FRST 2015-07-22 09:16 - 2015-07-22 09:16 - 01638912 _____ (Farbar) C:\Users\peer\Downloads\FRST.exe 2015-07-22 08:32 - 2015-07-22 08:32 - 00000000 ____D C:\Users\peer\AppData\Local\CEF 2015-07-21 22:11 - 2015-07-22 09:07 - 00000000 ____D C:\Users\peer\AppData\Roaming\Trove 2015-07-21 16:34 - 2015-07-21 16:34 - 00000216 _____ C:\Users\peer\Desktop\Trove.url 2015-07-21 14:07 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-21 14:07 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-21 14:07 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-21 14:07 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-21 14:07 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-21 01:13 - 2015-07-21 01:13 - 00000000 ____D C:\Users\peer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-07-20 16:46 - 2015-07-20 16:47 - 14246072 _____ (BlueStack Systems Inc.) 
C:\Users\peer\Downloads\BlueStacks-ThinInstaller.exe 2015-07-18 17:43 - 2015-07-18 17:43 - 00482031 _____ C:\Users\peer\Downloads\TerraMap-1.3.4.zip 2015-07-15 13:57 - 2015-07-15 13:57 - 00000000 ___HD C:\Users\peer\Desktop\.updtmp 2015-07-15 11:21 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-15 11:21 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-07-15 11:21 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-07-15 11:21 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-07-15 11:21 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 
2015-07-15 11:21 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-07-15 11:21 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-07-15 11:21 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-07-15 11:21 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-07-15 11:21 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-15 11:21 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-15 11:21 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-15 11:21 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 11:21 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-07-15 11:21 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 11:21 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 11:21 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-15 11:21 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-15 11:21 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 11:21 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2015-07-15 11:20 - 2015-07-09 19:44 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-07-15 11:20 - 2015-07-09 19:43 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-07-15 11:20 - 2015-07-09 19:42 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 
2015-07-15 11:20 - 2015-07-09 19:42 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-07-15 11:20 - 2015-07-09 19:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-07-15 11:20 - 2015-07-09 19:42 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-15 11:20 - 2015-07-09 19:42 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-07-15 11:20 - 2015-07-09 19:34 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-07-15 11:20 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-15 11:20 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-15 11:20 - 2015-06-11 19:57 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-07-15 11:20 - 2015-06-11 19:15 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-07-15 11:20 - 2015-06-11 19:15 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2015-07-15 11:20 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-07-15 11:20 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-07-15 11:20 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-07-15 11:20 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-07-15 11:19 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-15 11:19 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-15 11:19 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-15 11:19 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-15 11:19 - 
2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 11:19 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 11:19 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 11:19 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 11:19 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 11:19 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 11:19 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 11:19 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 11:19 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 11:19 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 11:19 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 11:19 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 11:19 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 11:19 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 11:19 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 11:19 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 11:19 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 11:19 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 11:19 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 11:19 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 11:19 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 11:19 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 11:19 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 11:19 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 11:19 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 11:19 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 11:19 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 11:19 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 11:19 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 11:19 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 11:19 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 11:19 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 11:19 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 11:19 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 11:19 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 11:19 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 11:19 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 11:19 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 11:19 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 11:19 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-13 18:33 - 2015-07-13 18:33 - 01143808 _____ C:\Users\peer\Downloads\TerrariViewer.exe
2015-07-13 15:31 - 2015-07-13 15:32 - 09080832 _____ (ChbShoot.me) C:\Users\peer\Downloads\TerrariaInvEdit.61.exe
2015-07-13 14:10 - 2015-07-13 14:10 - 00000316 _____ C:\Windows\PFRO.log
2015-07-12 14:25 - 2015-07-12 13:54 - 00327680 _____ C:\Users\peer\Desktop\Spassteas.exe
2015-07-12 13:54 - 2015-07-12 13:54 - 00327680 _____ C:\Users\peer\Downloads\Spassteas.exe
2015-07-12 12:27 - 2015-07-12 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-08 20:52 - 2015-07-08 20:52 - 00000216 _____ C:\Users\peer\Desktop\Scribblenauts Unlimited.url
2015-07-07 22:03 - 2015-07-07 22:03 - 00632468 _____ C:\Users\peer\Downloads\PaySafeCard Code Generator Downloader (2).zip
2015-07-07 22:03 - 2015-07-07 22:03 - 00632468 _____ C:\Users\peer\Downloads\PaySafeCard Code Generator Downloader (1).zip
2015-07-07 22:02 - 2015-07-07 22:02 - 00632469 _____ C:\Users\peer\Downloads\PaySafeCard Code Generator Downloader.zip
2015-07-06 21:42 - 2015-07-06 21:42 - 00000000 ____D C:\SinusBot
2015-07-06 21:39 - 2015-07-06 21:41 - 10001388 _____ (Michael Friese) C:\Users\peer\Downloads\sinusbot-win-0.9.8.6.exe
2015-07-06 21:39 - 2015-07-06 21:41 - 10001388 _____ (Michael Friese) C:\Users\peer\Downloads\sinusbot-win-0.9.8.6 (1).exe
2015-07-05 19:49 - 2015-07-05 19:49 - 00000216 _____ C:\Users\peer\Desktop\Terraria.url
2015-07-05 01:20 - 2015-07-05 01:20 - 00000213 _____ C:\Users\peer\Desktop\Left 4 Dead.url
2015-07-04 14:52 - 2015-07-04 14:52 - 00000000 ___HD C:\Users\peer\AppData\Roaming\.kbd
2015-07-04 14:48 - 2015-07-04 14:49 - 08319897 _____ C:\Users\peer\Downloads\Kronos_3.7_1.8.zip
2015-07-04 14:24 - 2015-07-21 23:45 - 00000000 ____D C:\Users\peer\AppData\Local\WinZip
2015-07-04 14:24 - 2015-07-04 14:26 - 19653086 _____ C:\Users\peer\Downloads\Kronus1.8 (1).zip
2015-07-04 14:23 - 2015-07-04 14:24 - 00000000 ____D C:\ProgramData\WinZip
2015-07-04 14:23 - 2015-07-04 14:23 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-07-04 14:23 - 2015-07-04 14:23 - 00002189 _____ C:\Users\peer\AppData\Roaming\WinZip.lnk
2015-07-04 14:23 - 2015-07-04 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-07-04 14:23 - 2015-07-04 14:23 - 00000000 ____D C:\Program Files\WinZip
2015-07-04 14:20 - 2015-07-04 14:21 - 68722688 _____ C:\Users\peer\Downloads\wz195gev-32.msi
2015-07-04 14:16 - 2015-07-04 14:17 - 19653086 _____ C:\Users\peer\Downloads\Kronus1.8.zip
2015-07-04 14:09 - 2015-07-04 14:10 - 03215267 _____ C:\Users\peer\Downloads\Minecraft_client_Downloader.zip
2015-07-04 14:06 - 2015-07-04 13:06 - 00917504 _____ C:\Users\peer\AppData\Roaming\srt.exe.exe
2015-07-04 14:04 - 2015-07-04 14:05 - 04774848 _____ C:\Users\peer\Downloads\Huzuni 1.7 & 1.8 Hacked Client.zip
2015-07-04 13:53 - 2015-07-04 13:54 - 05934977 _____ C:\Users\peer\Downloads\Huzuni ColettYT.zip
2015-07-04 00:58 - 2015-07-04 01:12 - 209715200 _____ C:\Users\peer\Downloads\NekoParaVol1Adult.part01.rar
2015-07-03 23:55 - 2015-07-03 23:56 - 00517384 _____ ( ) C:\Users\peer\Downloads\jetzt_installieren.exe
2015-07-03 21:17 - 2015-07-03 21:17 - 00000216 _____ C:\Users\peer\Desktop\The Binding of Isaac Rebirth.url
2015-07-02 17:43 - 2015-07-02 17:43 - 01294088 _____ (Mojang) C:\Users\peer\Desktop\Minecraft.exe
2015-07-02 17:42 - 2015-07-02 17:43 - 01294088 _____ (Mojang) C:\Users\peer\Downloads\Minecraft.exe
2015-07-02 17:36 - 2015-07-02 17:36 - 00000000 ____D C:\Users\peer\Desktop\runtime
2015-07-02 17:35 - 2015-07-02 17:44 - 00000000 ____D C:\Users\peer\Desktop\game
2015-06-27 23:20 - 2015-06-27 23:20 - 00058982 _____ C:\Users\peer\Downloads\deagle-1.wav
2015-06-27 22:44 - 2015-06-27 22:44 - 19517177 _____ C:\Users\peer\Downloads\garysmodweaponpackspassteas.7z
2015-06-27 20:42 - 2013-09-24 11:14 - 00179200 _____ (fabi.me) C:\Users\peer\Desktop\SpeedAutoClicker.exe
2015-06-27 16:23 - 2015-06-27 16:23 - 00000000 ____D C:\Users\peer\AppData\Roaming\com.playsaurus.heroclicker
2015-06-27 16:13 - 2015-06-28 13:10 - 00000000 ____D C:\Users\peer\AppData\Local\fabi.me
2015-06-27 16:11 - 2015-06-27 16:12 - 00094899 _____ C:\Users\peer\Downloads\SpeedAutoClicker.zip
2015-06-27 16:08 - 2015-06-27 16:08 - 00000216 _____ C:\Users\peer\Desktop\Clicker Heroes.url
2015-06-25 20:30 - 2015-06-25 19:50 - 534821939 _____ C:\Users\peer\Desktop\YanSimJune19th.rar
2015-06-25 19:50 - 2015-06-25 19:50 - 534821939 _____ C:\Users\peer\Downloads\YanSimJune19th.rar
2015-06-24 06:57 - 2015-06-24 06:57 - 00285198 _____ C:\Windows\msxml4-KB954430-enu.LOG
2015-06-24 06:56 - 2015-06-24 06:57 - 00291746 _____ C:\Windows\msxml4-KB973688-enu.LOG
2015-06-24 06:56 - 2015-06-24 06:56 - 00000000 ____D C:\Program Files\MSXML 4.0
2015-06-22 22:24 - 2015-06-22 22:24 - 00000000 ____D C:\Users\peer\Documents\MAGIX
2015-06-22 22:23 - 2015-06-22 22:24 - 00000000 ____D C:\ProgramData\MAGIX
2015-06-22 22:23 - 2015-06-22 22:23 - 00000000 ____D C:\Users\peer\AppData\Roaming\MAGIX
2015-06-22 22:23 - 2015-06-22 22:23 - 00000000 ____D C:\Users\peer\AppData\Local\MAGIX
2015-06-22 22:23 - 2015-06-22 22:23 - 00000000 ____D C:\Program Files\Common Files\MAGIX Services
2015-06-22 22:00 - 2015-06-22 22:01 - 24003400 _____ (MAGIX AG) C:\Users\peer\Downloads\foto_designer_7011_23mb_d.exe
2015-06-22 17:11 - 2015-06-22 17:11 - 00242810 _____ C:\Users\peer\Desktop\3000x1687xKillua-Zoldyck.jpg.pagespeed.ic.IaGsWwpE_B.webp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 09:19 - 2015-01-06 16:43 - 00001332 _____ C:\Windows\Tasks\AEIJZ.job
2015-07-22 09:16 - 2015-01-10 16:35 - 00000000 ____D C:\Users\peer\AppData\Roaming\Skype
2015-07-22 09:08 - 2015-01-11 15:33 - 00000000 ____D C:\Program Files\Steam
2015-07-22 09:07 - 2015-01-06 17:42 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-22 09:00 - 2009-07-14 06:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-22 09:00 - 2009-07-14 06:34 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-22 08:44 - 2015-02-21 16:08 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-07-22 08:35 - 2015-01-07 15:52 - 01145877 _____ C:\Windows\WindowsUpdate.log
2015-07-22 08:33 - 2015-01-06 16:29 - 00001332 _____ C:\Windows\Tasks\GACRJ.job
2015-07-22 08:32 - 2015-01-11 15:33 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-07-22 08:31 - 2015-06-09 18:29 - 00000000 ___RD C:\Users\peer\Dropbox
2015-07-22 08:31 - 2015-06-09 17:12 - 00000000 ____D C:\Users\peer\AppData\Local\Dropbox
2015-07-22 08:30 - 2015-02-16 17:22 - 00000000 ____D C:\Users\peer\AppData\Roaming\GameTracker
2015-07-22 08:29 - 2015-06-09 17:12 - 00001194 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-07-22 08:29 - 2015-01-06 17:42 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-22 08:28 - 2015-06-21 19:47 - 00002240 _____ C:\Windows\setupact.log
2015-07-22 08:28 - 2015-01-06 16:04 - 00001334 _____ C:\Windows\Tasks\DUITSQ.job
2015-07-22 08:28 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-22 00:17 - 2015-02-05 20:58 - 00000000 ____D C:\Users\peer\AppData\Roaming\TS3Client
2015-07-21 23:24 - 2015-06-09 17:12 - 00001198 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-07-21 23:24 - 2015-02-19 19:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-21 19:03 - 2009-07-14 06:33 - 00267160 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 18:33 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-21 16:34 - 2015-01-11 15:50 - 00000000 ____D C:\Users\peer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-21 16:25 - 2015-01-06 16:04 - 00000000 ____D C:\Program Files\Google
2015-07-21 16:13 - 2009-07-14 04:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-18 13:26 - 2015-01-06 16:43 - 00000000 ____D C:\Program Files\Common Files\ClaraUpdater
2015-07-16 09:10 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-16 08:30 - 2015-04-17 06:38 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-16 08:30 - 2015-04-17 06:38 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 08:30 - 2015-04-05 12:03 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 08:30 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-07-16 08:14 - 2015-01-06 17:14 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 14:24 - 2015-02-19 19:27 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 14:24 - 2015-02-19 19:27 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-13 14:10 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-12 12:27 - 2015-06-09 17:12 - 00000000 ____D C:\Program Files\Dropbox
2015-07-09 14:42 - 2015-01-10 16:35 - 00000000 ___RD C:\Program Files\Skype
2015-07-09 14:42 - 2015-01-10 16:35 - 00000000 ____D C:\ProgramData\Skype
2015-07-05 20:35 - 2015-01-11 17:31 - 00000000 ____D C:\Users\peer\Documents\My Games
2015-07-05 03:19 - 2015-01-09 15:53 - 00000000 ____D C:\Users\peer\AppData\Roaming\Mirai Nikki Bilder von Yuno
2015-07-04 18:06 - 2015-01-08 19:55 - 00000000 ____D C:\Users\peer\AppData\Roaming\.minecraft
2015-07-04 14:24 - 2015-01-06 15:31 - 00000000 ____D C:\Users\peer
2015-07-03 08:49 - 2015-01-06 17:14 - 127070192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-01 15:01 - 2014-10-22 22:13 - 00044208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-06-28 14:39 - 2015-02-19 19:27 - 00000000 __SHD C:\Users\peer\AppData\Local\EmieUserList
2015-06-28 14:39 - 2015-02-19 19:27 - 00000000 __SHD C:\Users\peer\AppData\Local\EmieSiteList
2015-06-28 14:39 - 2015-02-19 19:27 - 00000000 __SHD C:\Users\peer\AppData\Local\EmieBrowserModeList
2015-06-23 21:57 - 2014-11-22 15:12 - 00072560 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-06-23 21:57 - 2014-11-10 18:48 - 00157240 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-06-23 21:57 - 2014-10-10 18:02 - 00034160 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2015-06-23 21:57 - 2014-10-09 13:31 - 00054328 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2015-06-23 21:57 - 2014-08-19 13:31 - 00054640 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-06-23 21:57 - 2014-03-31 11:47 - 00153784 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-06-23 21:57 - 2013-04-12 15:34 - 00023920 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klpd.sys
2015-06-23 21:56 - 2014-12-13 19:21 - 00705208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-06-23 21:56 - 2014-11-28 19:19 - 00128728 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-06-23 21:56 - 2014-10-30 05:22 - 00036208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2015-06-23 21:56 - 2013-08-08 17:10 - 00035696 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2015-06-23 21:56 - 2013-01-14 21:10 - 00197864 _____ (Kaspersky Lab UK Ltd) C:\Windows\system32\Drivers\cm_km_w.sys
2015-06-23 13:27 - 2015-01-06 16:06 - 00246952 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\peer\AppData\Roaming\AEIJZ
2015-05-09 19:28 - 2015-05-09 19:28 - 0001047 _____ () C:\Users\peer\AppData\Roaming\Cheat Engine.lnk
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\peer\AppData\Roaming\DUITSQ
2015-02-06 18:35 - 2015-02-06 18:35 - 0000572 _____ () C:\Users\peer\AppData\Roaming\Fraps.lnk
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\peer\AppData\Roaming\GACRJ
2015-04-17 07:21 - 2015-04-17 08:51 - 0000255 _____ () C:\Users\peer\AppData\Roaming\mb3settings.xml
2015-03-21 12:50 - 2015-03-21 12:47 - 10708434 _____ () C:\Users\peer\AppData\Roaming\Savior Mod 1.2.rar
2015-07-04 14:06 - 2015-07-04 13:06 - 0917504 _____ () C:\Users\peer\AppData\Roaming\srt.exe.exe
2015-05-05 20:58 - 2015-05-05 20:57 - 13791079 _____ () C:\Users\peer\AppData\Roaming\thebindingofisaacgodmode_1.9.5 (1).zip
2015-01-09 15:53 - 2015-01-09 15:55 - 0018944 ___SH () C:\Users\peer\AppData\Roaming\Thumbs.db
2015-01-30 15:17 - 2015-01-30 15:17 - 0000046 _____ () C:\Users\peer\AppData\Roaming\WB.CFG
2015-07-04 14:23 - 2015-07-04 14:23 - 0002189 _____ () C:\Users\peer\AppData\Roaming\WinZip.lnk

Some files in TEMP:
====================
C:\Users\peer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkifp1c.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-14 17:07

==================== End of log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-07-2015
Ran by peer at 2015-07-22 09:22:13
Running from C:\Users\peer\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1044166359-3000482697-3890932768-500 - Administrator - Disabled)
Gast (S-1-5-21-1044166359-3000482697-3890932768-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1044166359-3000482697-3890932768-1002 - Limited - Enabled)
peer (S-1-5-21-1044166359-3000482697-3890932768-1000 - Administrator - Enabled) => C:\Users\peer

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version: - Hyper Hippo Games)
AMD Catalyst Install Manager (HKLM\...\{0CF4D060-11E5-D612-1F01-D5F67A5C7E78}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version: - AVM Berlin)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version: - The Behemoth)
Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth)
Clicker Heroes (HKLM\...\Steam App 363970) (Version: - )
Dropbox (HKLM\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Echoes+ (HKLM\...\Steam App 338000) (Version: - Binary Zoo)
GameTracker Lite (HKLM\...\GameTracker Lite) (Version: - ClanServers Hosting LLC.)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Goat Simulator (HKLM\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
HydraVision (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Kaspersky Internet Security (HKLM\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (Version: 15.0.2.361 - Kaspersky Lab) Hidden
Left 4 Dead (HKLM\...\Steam App 500) (Version: - Valve)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Scribblenauts Unlimited (HKLM\...\Steam App 218680) (Version: - 5th Cell Media)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Amazing Wagon Adventure (HKLM\...\Steam App 250500) (Version: - sparsevector)
TeamSpeak 3 Client (HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version: - Nicalis, Inc.)
Trove (HKLM\...\Steam App 304050) (Version: - Trion Worlds)
Wajam (HKLM\...\WajIntEnhance) (Version: 2.23.2.12 (i2.6) - WajIntEnhance) <==== ATTENTION
WinRAR 5.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EC}) (Version: 19.5.11532 - WinZip Computing, S.L. )
WTFast Beta 4.0 (HKLM\...\{162DC956-6167-407C-8265-4CC3B8E61B96}_is1) (Version: 4.0.1.459 - Initex & AAA Internet Publishing)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1044166359-3000482697-3890932768-1000_Classes\CLSID\{19041B6B-8F97-4669-BA21-C17572737ED2}\localserver32 -> C:\Users\peer\AppData\Local\BoBrowser\Application\36.0.1985.136\delegate_execute.exe (The Chromium Authors)

==================== Restore Points =========================

10-07-2015 13:59:16 Windows Update
14-07-2015 11:59:13 Windows Update
16-07-2015 07:45:47 Windows Update
21-07-2015 16:01:02 Removed BlueStacks Notification Center
21-07-2015 16:06:38 Removed BlueStacks Notification Center
21-07-2015 16:22:24 Removed Google Earth
21-07-2015 18:55:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0847D1A9-C505-43E5-9B1F-6C63B0BDA1AA} - System32\Tasks\DUITSQ => C:\Users\peer\AppData\Roaming\DUITSQ.exe <==== ATTENTION
Task: {0849AB36-C572-4631-9C9C-552EBB299882} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-06-09] (Dropbox, Inc.)
Task: {352584E1-0C91-4CC6-9B2A-EEA9766A827D} - System32\Tasks\AEIJZ => C:\Users\peer\AppData\Roaming\AEIJZ.exe <==== ATTENTION
Task: {4C8D46B9-B2B5-409C-85FA-63653C8104BB} - System32\Tasks\GACRJ => C:\Users\peer\AppData\Roaming\GACRJ.exe <==== ATTENTION
Task: {4ED14997-48E5-4891-B86F-0594B3D9773A} - \Run_Bobby_Browser No Task File <==== ATTENTION
Task: {6247D802-DFD5-4BE1-929C-8BE14CA40863} - System32\Tasks\avastBCLRestartS-1-5-21-1044166359-3000482697-3890932768-1000 => Chrome.exe
Task: {653F1E69-2415-49F7-8EC5-34A73C94B15B} - System32\Tasks\{B8421162-75E0-44C2-926D-49386904A405} => pcalua.exe -a C:\Users\peer\Downloads\forge-1.8-11.14.0.1299-installer-win.exe -d C:\Users\peer\Downloads
Task: {69BF0F00-43EC-4B67-9545-F9A395992F7E} - System32\Tasks\PostPoneInstall => C:\Users\peer\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
Task: {8F547A99-BFEC-42AA-8121-D8CDF358AAF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.)
Task: {A85A22B0-2DDB-4CAB-99B7-074C8514BF09} - \upfs7235 No Task File <==== ATTENTION
Task: {B06CD2AB-5A2B-4F71-BD09-E959BA1B59A3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2015-06-09] (Dropbox, Inc.)
Task: {BE1DAD1D-FA59-4BE3-9560-5FF4D529EB83} - System32\Tasks\{0B2E862F-28C7-460D-BC85-94CDE498ED1A} => C:\Users\peer\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe [2014-08-04] (TeamSpeak Systems GmbH)
Task: {C15253F5-5F87-4E39-89FC-349966428646} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-06] (Google Inc.)
Task: {D27471AB-DA63-4796-9DC8-AF2B4F2DDC4E} - System32\Tasks\{DB01E593-6648-45E2-854D-B8E8299813D3} => pcalua.exe -a C:\Users\peer\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=tugs
Task: {F52B544F-A543-4DE7-BCE9-C8746E51A211} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AEIJZ.job => C:\Users\peer\AppData\Roaming\AEIJZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DUITSQ.job => C:\Users\peer\AppData\Roaming\DUITSQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\GACRJ.job => C:\Users\peer\AppData\Roaming\GACRJ.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-23 17:54 - 2014-12-23 17:54 - 01272616 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\kpcengine.2.3.dll
2015-02-03 21:03 - 2015-02-03 21:03 - 00477696 _____ () C:\Program Files\WajIntEnhance\WajIntEnhance Internet Enhancer\InternetEnhancerService.exe
2015-07-22 08:30 - 2015-07-22 08:30 - 00043008 _____ () c:\users\peer\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkifp1c.dll
2015-06-09 17:14 - 2015-03-19 09:15 - 00750080 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2015-06-09 17:14 - 2015-03-19 09:15 - 00047616 _____ () C:\Program Files\Dropbox\Client\libEGL.dll
2015-06-09 17:14 - 2015-03-19 09:15 - 00865280 _____ () C:\Program Files\Dropbox\Client\plugins\platforms\qwindows.dll
2015-06-09 17:14 - 2015-03-19 09:15 - 00200704 _____ () C:\Program Files\Dropbox\Client\plugins\imageformats\qjpeg.dll
2015-06-09 17:15 - 2015-03-19 09:15 - 00010240 _____ () C:\Program Files\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-09 17:14 - 2015-03-19 09:15 - 00726016 _____ () C:\Program Files\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-09 17:15 - 2015-03-19 09:15 - 00010240 _____ () C:\Program Files\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-01-11 15:42 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files\Steam\SDL2.dll
2015-01-20 16:34 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files\Steam\v8.dll
2015-01-20 16:34 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files\Steam\icui18n.dll
2015-01-20 16:34 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files\Steam\icuuc.dll
2015-01-11 15:42 - 2015-07-21 21:32 - 02410176 _____ () C:\Program Files\Steam\video.dll
2015-01-11 15:42 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files\Steam\libavcodec-56.dll
2015-01-11 15:42 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2015-01-11 15:42 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files\Steam\libavformat-56.dll
2015-01-11 15:42 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2015-01-11 15:42 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2015-01-11 15:42 - 2015-07-21 21:32 - 00703168 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2015-07-22 08:31 - 2015-07-07 22:41 - 00169984 _____ () C:\Program Files\Steam\bin\openvr_api.dll
2015-01-11 15:42 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files\Steam\bin\libcef.dll
2015-07-14 18:40 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 18:40 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.134\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1044166359-3000482697-3890932768-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\peer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF50EA8D-2907-4A89-BFFE-68420A7BF43C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D79D08CC-A4DD-419D-85B8-5B1EABDB2820}] => (Allow) C:\Users\peer\AppData\Local\CrossBrowser\Application\crossbrowser.exe
FirewallRules: [{5E922166-8A48-4312-B7CE-25D36B1B2CFA}] => (Allow) C:\Users\peer\AppData\Local\BoBrowser\Application\bobrowser.exe
FirewallRules: [TCP Query User{E05C71DC-BC36-4B52-A528-2832F3B522B7}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A249048E-9160-4662-AABB-D5CEE8FE9C9B}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{52FC3A64-0C28-4EBF-823B-F471B44EE057}C:\users\peer\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\peer\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{AC7E6F61-15FA-4575-9078-21F231CF68DF}C:\users\peer\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\peer\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{20E8AE1A-F0AD-41D2-A3C8-90AC55222BF0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AAA6C38C-066F-4DCD-8020-59B3D46DFF2C}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{A589396B-A5EF-48B1-A3FC-D05BF860E802}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{D309AE60-4535-489A-AB67-A7941BAD1EB9}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0674F56-00E7-4393-8743-1C86A3ED16A3}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{7D62B1EE-A08F-4E8F-A285-6D094DD2F1DD}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{499C9F5D-3079-4566-860D-D912686508AC}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{6AC2A4C4-B95D-4120-AA70-EAC511002E84}C:\users\peer\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\peer\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{4183B6F5-8295-48DF-ACFD-9C2D3B487C99}C:\users\peer\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\peer\desktop\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{FA4F12C1-EC15-418F-BE82-DD9FB54F87DC}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{189EA21C-0C64-4256-81E1-94F3C481C6AF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{BC6DC2DD-2D4E-4F58-9C2F-46811B9DE109}] => (Allow) C:\Program Files\Steam\steamapps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{5D982A09-9C4E-4895-9C21-5E648CF8AAF1}] => (Allow) C:\Program Files\Steam\steamapps\common\Super Amazing Wagon Adventure\WagonAdventure.exe
FirewallRules: [{08F7A903-163D-4E86-B5C1-50D05E20D5C4}] => (Allow) C:\Program Files\Steam\steamapps\common\Echoes+\echoes+.exe
FirewallRules: [{43F1C9F1-1D51-4CC3-B3BC-BE5338706FF9}] => (Allow) C:\Program Files\Steam\steamapps\common\Echoes+\echoes+.exe
FirewallRules: [{4C658117-DD5F-4AC9-811A-B89E09BC4AAA}] => (Allow) C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{94BAD1AB-4AC8-4014-8352-0E3BBB901DEA}] => (Allow) C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{F0EC67D5-ADAE-4BE0-87CD-A97546481D36}] => (Allow) C:\Program Files\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{364DD5FD-8662-4E03-8B2C-FF2F631C1686}] => (Allow) C:\Program Files\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{A872B8C6-F4AD-4137-BA79-93E18C3E13F7}] => (Allow) C:\Program Files\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{8C3BC03B-CA8D-4A3B-BB35-C2B81D7301D2}] => (Allow) C:\Program Files\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{A579D655-6C56-4DB9-96C9-37D6367A7993}C:\program files\wtfast beta\wtfast.exe] => (Allow) C:\program files\wtfast beta\wtfast.exe
FirewallRules: [UDP Query User{D1723E1A-4818-4C95-BBE2-082B90BE126C}C:\program files\wtfast beta\wtfast.exe] => (Allow) C:\program files\wtfast beta\wtfast.exe
FirewallRules: [{147CA2F5-D7AD-4CC3-B517-6DBC53B552AC}] => (Allow) C:\Program Files\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{46C54343-8578-48D2-AA83-C51BC5D100CC}] => (Allow) C:\Program Files\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{7210288D-EDCC-4C09-B66F-708D54D85E37}] => (Allow) C:\Program Files\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{B7D3FA46-047F-4257-B2FB-6100FB4DFD20}] => (Allow) C:\Program Files\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [TCP Query User{1501C086-D6F9-42A2-816F-22D008B9FAA0}C:\program files\wtfast beta\wtfast.exe] => (Allow) C:\program files\wtfast beta\wtfast.exe
FirewallRules: [UDP Query User{E36B206C-ACA8-4E09-A79F-4BF9DBF1626E}C:\program files\wtfast beta\wtfast.exe] => (Allow) C:\program files\wtfast beta\wtfast.exe
FirewallRules: [{145D2736-556B-459D-B7C9-B0CF304A28D3}] => (Allow) C:\Program Files\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{6A16AA74-5671-4E2F-9281-0C1FFE7C188B}] => (Allow) C:\Program Files\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{7900A3BB-3C14-4987-9DA9-FC77ACBE55AA}] => (Allow) C:\Program Files\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe
FirewallRules: [{01ED2CB7-46F3-43F0-9476-769DD4930D7B}] => (Allow) C:\Program Files\Steam\steamapps\common\The Binding of Isaac Rebirth\isaac-ng.exe
FirewallRules: [{CE925788-1B59-42D2-920A-7236429A0ED0}] => (Allow) C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{C9F23A68-C52B-40AF-9F3C-07B429AACA38}] => (Allow) C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{455E51E3-97CC-43B6-B381-5F41F8821603}] => (Allow) C:\Program Files\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{C7A4F47D-739F-41B2-9566-974016F14C04}] => (Allow) C:\Program Files\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{1398FFBB-9616-40A9-8C1A-34B0BE27D5AE}] => (Allow) C:\Program Files\Steam\steamapps\common\Scribblenauts\Scribble.exe
FirewallRules: [{2DF777F0-E860-4D60-9D1D-0FB44552FEDA}] => (Allow) C:\Program Files\Steam\steamapps\common\Scribblenauts\Scribble.exe
FirewallRules: [{05065864-5DFF-4D99-B015-FFBDB8A14BBC}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{C4CEB63D-6F51-4642-B718-468F6DF94B7B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{3959B8F3-BC1F-4FA8-829E-964376719D44}] => (Allow) C:\Program Files\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{ACE472A0-E228-4253-96D6-540EAED0D658}] => (Allow) C:\Program Files\Steam\steamapps\common\Trove\GlyphClient.exe

==================== Faulty Device Manager Devices =============

Name: cherimoya
Description: cherimoya
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: cherimoya
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/21/2015 09:06:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 195c Startzeit: 01d0c3e7b23bb567 Endzeit: 75 Anwendungspfad: C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe Berichts-ID: 508ee919-2fdb-11e5-9fe4-00199962f02b Error: (07/21/2015 04:03:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636303 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000c3c23 ID des fehlerhaften Prozesses: 0x7ac Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Error: (07/21/2015 02:32:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Terraria.exe, Version: 1.3.0.6, Zeitstempel: 0x55ac1237 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18847, Zeitstempel: 0x554d7b00 Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000812f ID des fehlerhaften Prozesses: 0x1dec Startzeit der fehlerhaften Anwendung: 
0xTerraria.exe0 Pfad der fehlerhaften Anwendung: Terraria.exe1 Pfad des fehlerhaften Moduls: Terraria.exe2 Berichtskennung: Terraria.exe3 Error: (07/21/2015 02:32:23 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Terraria.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.IO.IOException Stapel: bei System.IO.__Error.WinIOError(Int32, System.String) bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare) bei Terraria.Utilities.FileUtilities.Write(System.String, Byte[], Int32, Boolean) bei Terraria.IO.WorldFile.saveWorld(Boolean, Boolean) bei Terraria.WorldGen.saveAndPlayCallBack(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (07/21/2015 01:56:54 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101). 
Error: (07/21/2015 02:11:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GoogleUpdate.exe, Version: 1.3.25.11, Zeitstempel: 0x545bb4ac Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x007a2af1 ID des fehlerhaften Prozesses: 0x248c Startzeit der fehlerhaften Anwendung: 0xGoogleUpdate.exe0 Pfad der fehlerhaften Anwendung: GoogleUpdate.exe1 Pfad des fehlerhaften Moduls: GoogleUpdate.exe2 Berichtskennung: GoogleUpdate.exe3 Error: (07/20/2015 06:27:41 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile C:\Program Files\BlueStacks\HD-CreateSymlink.exe because this image is not a valid Win32 application. Error: (07/18/2015 05:49:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: TerraMapCmd.exe, Version: 1.3.4.16437, Zeitstempel: 0x55aa5dba Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18847, Zeitstempel: 0x554d7b00 Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000812f ID des fehlerhaften Prozesses: 0x14cc Startzeit der fehlerhaften Anwendung: 0xTerraMapCmd.exe0 Pfad der fehlerhaften Anwendung: TerraMapCmd.exe1 Pfad des fehlerhaften Moduls: TerraMapCmd.exe2 Berichtskennung: TerraMapCmd.exe3 Error: (07/18/2015 05:49:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: TerraMapCmd.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.IO.FileNotFoundException Stapel: bei TerraMap.Program.Main(System.String[]) Error: (07/18/2015 05:39:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.6.0.105, Zeitstempel: 0x559165ab Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.17924, Zeitstempel: 0x5595ab25 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0015433d ID des fehlerhaften Prozesses: 0xc64 Startzeit der fehlerhaften Anwendung: 0xSkype.exe0 Pfad der fehlerhaften Anwendung: Skype.exe1 Pfad des fehlerhaften Moduls: Skype.exe2 Berichtskennung: Skype.exe3 System errors: ============= Error: (07/22/2015 09:23:37 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (07/22/2015 09:23:35 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (07/22/2015 09:23:33 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (07/22/2015 09:23:30 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (07/22/2015 09:23:22 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (07/22/2015 09:23:20 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (07/22/2015 09:23:18 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (07/22/2015 09:23:16 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (07/22/2015 09:23:09 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. 
Error: (07/22/2015 09:23:07 AM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Microsoft Office: ========================= Error: (07/21/2015 09:06:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: hl2.exe0.0.0.0195c01d0c3e7b23bb56775C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe508ee919-2fdb-11e5-9fe4-00199962f02b Error: (07/21/2015 04:03:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175674d6727a7ntdll.dll6.1.7601.1886955636303c0000374000c3c237ac01d0c3a8b5f390c0C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll4cf9bf5a-2fb1-11e5-b8b6-00199962f02b Error: (07/21/2015 02:32:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Terraria.exe1.3.0.655ac1237KERNELBASE.dll6.1.7601.18847554d7b00e04343520000812f1dec01d0c3ab437647d7C:\Program Files\Steam\steamapps\common\Terraria\Terraria.exeC:\Windows\system32\KERNELBASE.dll91fa811f-2fa4-11e5-b8b6-00199962f02b Error: (07/21/2015 02:32:23 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Terraria.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.IO.IOException Stapel: bei System.IO.__Error.WinIOError(Int32, System.String) bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare) bei Terraria.Utilities.FileUtilities.Write(System.String, Byte[], Int32, Boolean) bei Terraria.IO.WorldFile.saveWorld(Boolean, Boolean) bei Terraria.WorldGen.saveAndPlayCallBack(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (07/21/2015 01:56:54 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101 Error: (07/21/2015 02:11:44 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: GoogleUpdate.exe1.3.25.11545bb4acunknown0.0.0.000000000c0000005007a2af1248c01d0c3491c2587c7C:\Program Files\Google\Update\GoogleUpdate.exeunknown115bda8c-2f3d-11e5-8730-00199962f02b Error: (07/20/2015 06:27:41 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile C:\Program Files\BlueStacks\HD-CreateSymlink.exe because this image is not a valid Win32 application. 
C:\Program Files\BlueStacks\HD-CreateSymlink.exe Error: (07/18/2015 05:49:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: TerraMapCmd.exe1.3.4.1643755aa5dbaKERNELBASE.dll6.1.7601.18847554d7b00e04343520000812f14cc01d0c171490f8f50C:\Users\peer\AppData\Local\Temp\wz44d1\TerraMap-1.3.4\TerraMapCmd.exeC:\Windows\system32\KERNELBASE.dll89738bd8-2d64-11e5-8730-00199962f02b Error: (07/18/2015 05:49:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: TerraMapCmd.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.IO.FileNotFoundException Stapel: bei TerraMap.Program.Main(System.String[]) Error: (07/18/2015 05:39:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Skype.exe7.6.0.105559165abmshtml.dll11.0.9600.179245595ab25c00000050015433dc6401d0c14cbbb22124C:\Program Files\Skype\Phone\Skype.exeC:\Windows\System32\mshtml.dll1ef8ab05-2d63-11e5-8730-00199962f02b CodeIntegrity Errors: =================================== Date: 2015-03-11 07:37:21.956 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-11 07:37:21.954 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-11 07:37:21.952 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2015-03-11 07:37:21.945 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-11 07:37:21.943 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-11 07:37:21.941 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-11 07:37:21.937 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-11 07:37:21.935 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-11 07:37:21.933 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-03-11 07:37:21.926 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz Percentage of memory in use: 66% Total physical RAM: 3070.42 MB Available physical RAM: 1033.08 MB Total Virtual: 6439.16 MB Available Virtual: 3746.28 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.79 GB) (Free:144.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E49C41A0) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS) ==================== End of log ============================ |
22.07.2015, 08:48 | #2 |
/// the machine /// TB instructor | PC hangs every few seconds & programs run slower hi,
Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder unless a helper instructs you to. Please download TDSSKiller.exe and save this file to your desktop. |
22.07.2015, 12:09 | #3 |
| PC hangs every few seconds & programs run slower Code:
ATTFilter 11:46:23.0329 0x0bec TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 11:47:32.0982 0x0bec ============================================================ 11:47:32.0982 0x0bec Current date / time: 2015/07/22 11:47:32.0982 11:47:32.0982 0x0bec SystemInfo: 11:47:32.0982 0x0bec 11:47:32.0982 0x0bec OS Version: 6.1.7601 ServicePack: 1.0 11:47:32.0982 0x0bec Product type: Workstation 11:47:32.0983 0x0bec ComputerName: PEER-PC 11:47:32.0983 0x0bec UserName: peer 11:47:32.0983 0x0bec Windows directory: C:\Windows 11:47:32.0983 0x0bec System windows directory: C:\Windows 11:47:32.0983 0x0bec Processor architecture: Intel x86 11:47:32.0983 0x0bec Number of processors: 2 11:47:32.0983 0x0bec Page size: 0x1000 11:47:32.0983 0x0bec Boot type: Normal boot 11:47:32.0983 0x0bec ============================================================ 11:47:51.0327 0x0bec KLMD registered as C:\Windows\system32\drivers\48892699.sys 11:48:00.0377 0x0bec System UUID: {7F9B0CE2-6EDF-E033-891F-EC058D5900A8} 11:48:02.0573 0x0bec Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 11:48:02.0642 0x0bec ============================================================ 11:48:02.0642 0x0bec \Device\Harddisk0\DR0: 11:48:02.0674 0x0bec MBR partitions: 11:48:02.0674 0x0bec \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 11:48:02.0674 0x0bec \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800 11:48:02.0674 0x0bec ============================================================ 11:48:02.0918 0x0bec C: <-> \Device\Harddisk0\DR0\Partition2 11:48:02.0918 0x0bec ============================================================ 11:48:02.0918 0x0bec Initialize success 11:48:02.0918 0x0bec ============================================================ 11:48:49.0775 0x0b08 
============================================================ 11:48:49.0775 0x0b08 Scan started 11:48:49.0775 0x0b08 Mode: Manual; SigCheck; TDLFS; 11:48:49.0775 0x0b08 ============================================================ 11:48:49.0775 0x0b08 KSN ping started 11:48:52.0295 0x0b08 KSN ping finished: true 11:48:54.0424 0x0b08 ================ Scan system memory ======================== 11:48:54.0424 0x0b08 System memory - ok 11:48:54.0424 0x0b08 ================ Scan services ============================= 11:49:03.0697 0x0b08 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 11:49:04.0011 0x0b08 1394ohci - ok 11:49:04.0068 0x0b08 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys 11:49:04.0098 0x0b08 ACPI - ok 11:49:04.0142 0x0b08 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 11:49:04.0246 0x0b08 AcpiPmi - ok 11:49:04.0392 0x0b08 [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 11:49:04.0446 0x0b08 AdobeFlashPlayerUpdateSvc - ok 11:49:04.0530 0x0b08 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 11:49:04.0564 0x0b08 adp94xx - ok 11:49:04.0629 0x0b08 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 11:49:04.0672 0x0b08 adpahci - ok 11:49:04.0720 0x0b08 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 11:49:04.0745 0x0b08 
adpu320 - ok 11:49:04.0780 0x0b08 [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 11:49:04.0821 0x0b08 AeLookupSvc - ok 11:49:04.0887 0x0b08 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys 11:49:04.0950 0x0b08 AFD - ok 11:49:05.0019 0x0b08 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys 11:49:05.0048 0x0b08 agp440 - ok 11:49:05.0191 0x0b08 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 11:49:05.0229 0x0b08 aic78xx - ok 11:49:05.0734 0x0b08 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe 11:49:05.0919 0x0b08 ALG - ok 11:49:06.0058 0x0b08 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys 11:49:06.0100 0x0b08 aliide - ok 11:49:06.0152 0x0b08 [ DE697CA5522739901B17D60E18A48B57, 89C526BEDF5678047A8C0BDFA75FACA308F708B8FE3D3F0AC5A6BE20D27C76EA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 11:49:06.0238 0x0b08 AMD External Events Utility - ok 11:49:06.0283 0x0b08 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys 11:49:06.0311 0x0b08 amdagp - ok 11:49:06.0333 0x0b08 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys 11:49:06.0346 0x0b08 amdide - ok 11:49:08.0720 0x0b08 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 
C:\Windows\system32\DRIVERS\amdk8.sys 11:49:11.0219 0x0b08 AmdK8 - ok 11:49:12.0289 0x0b08 [ A5DE11C167222FB7F73588530F851784, 6847841BD121923BAB5CB118F5477696233F2A14789D99A1C7F528164BFC101B ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 11:49:12.0778 0x0b08 amdkmdag - ok 11:49:12.0869 0x0b08 [ 354D38ECA8452AB6D3489CAD80BCFF25, 7A296CABC9EE6CB6CB9AA4CFBFBFB1BDC2E26E944D27E3C9BEDA30C979F2C794 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 11:49:12.0943 0x0b08 amdkmdap - ok 11:49:12.0972 0x0b08 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 11:49:13.0009 0x0b08 AmdPPM - ok 11:49:13.0052 0x0b08 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys 11:49:13.0072 0x0b08 amdsata - ok 11:49:13.0169 0x0b08 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 11:49:13.0280 0x0b08 amdsbs - ok 11:49:13.0462 0x0b08 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys 11:49:13.0507 0x0b08 amdxata - ok 11:49:13.0711 0x0b08 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\Windows\system32\drivers\appid.sys 11:49:13.0997 0x0b08 AppID - ok 11:49:14.0080 0x0b08 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\Windows\System32\appidsvc.dll 11:49:14.0120 0x0b08 AppIDSvc - ok 11:49:14.0197 0x0b08 [ 530195DA0D84D9855020F2B80D6B267F, AB36F05991530437C7B3F25441B13BC085000F07579964A4CCA0BF029DD6DE7E ] Appinfo C:\Windows\System32\appinfo.dll 11:49:14.0257 0x0b08 Appinfo - ok 11:49:14.0339 0x0b08 [ A45D184DF6A8803DA13A0B329517A64A, 
C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll 11:49:14.0407 0x0b08 AppMgmt - ok 11:49:19.0205 0x0b08 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys 11:49:19.0306 0x0b08 arc - ok 11:49:19.0810 0x0b08 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 11:49:19.0895 0x0b08 arcsas - ok 11:49:21.0014 0x0b08 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 11:49:21.0042 0x0b08 aspnet_state - ok 11:49:21.0135 0x0b08 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 11:49:21.0812 0x0b08 AsyncMac - ok 11:49:21.0855 0x0b08 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys 11:49:21.0876 0x0b08 atapi - ok 11:49:21.0929 0x0b08 [ E868CC139495DCE9FCEAF0E63FF93F9C, DDF799EED336140EDFAD4D8FE7D043C7EAF9C213B0F5EADA771E5F70FC49333B ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys 11:49:21.0970 0x0b08 AtiHDAudioService - ok 11:49:22.0031 0x0b08 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 11:49:22.0085 0x0b08 AudioEndpointBuilder - ok 11:49:22.0124 0x0b08 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll 11:49:22.0148 0x0b08 Audiosrv - ok 11:49:22.0195 0x0b08 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service 
C:\Windows\system32\drivers\Null.sys 11:51:50.0919 0x0b08 Null - ok 11:51:51.0030 0x0b08 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:51:51.0110 0x0b08 nvraid - ok 11:51:51.0146 0x0b08 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 11:51:51.0181 0x0b08 nvstor - ok 11:51:51.0380 0x0b08 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:51:51.0406 0x0b08 nv_agp - ok 11:51:51.0502 0x0b08 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 11:51:51.0522 0x0b08 ohci1394 - ok 11:51:51.0561 0x0b08 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 11:51:51.0630 0x0b08 p2pimsvc - ok 11:51:51.0708 0x0b08 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 11:51:51.0742 0x0b08 p2psvc - ok 11:51:51.0781 0x0b08 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 11:51:51.0876 0x0b08 Parport - ok 11:51:51.0905 0x0b08 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 11:51:51.0920 0x0b08 partmgr - ok 11:51:51.0937 0x0b08 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 11:51:51.0966 0x0b08 Parvdm - ok 11:51:52.0000 0x0b08 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 
9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll 11:51:52.0052 0x0b08 PcaSvc - ok 11:51:52.0079 0x0b08 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 11:51:52.0103 0x0b08 pci - ok 11:51:52.0127 0x0b08 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 11:51:52.0148 0x0b08 pciide - ok 11:51:52.0181 0x0b08 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 11:51:52.0210 0x0b08 pcmcia - ok 11:51:52.0260 0x0b08 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 11:51:52.0280 0x0b08 pcw - ok 11:51:52.0345 0x0b08 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 11:51:52.0421 0x0b08 PEAUTH - ok 11:52:01.0958 0x0b08 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 11:52:02.0539 0x0b08 PeerDistSvc - ok 11:52:02.0862 0x0b08 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 11:52:03.0264 0x0b08 pla - ok 11:52:03.0385 0x0b08 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 11:52:03.0608 0x0b08 PlugPlay - ok 11:52:03.0725 0x0b08 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 11:52:03.0762 0x0b08 PNRPAutoReg - ok 11:52:03.0793 0x0b08 [ 82A8521DDC60710C3D3D3E7325209BEC, 
C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 11:52:03.0817 0x0b08 PNRPsvc - ok 11:52:03.0888 0x0b08 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 11:52:03.0957 0x0b08 PolicyAgent - ok 11:52:04.0050 0x0b08 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 11:52:04.0102 0x0b08 Power - ok 11:52:04.0224 0x0b08 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 11:52:04.0356 0x0b08 PptpMiniport - ok 11:52:04.0388 0x0b08 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys 11:52:04.0423 0x0b08 Processor - ok 11:52:04.0528 0x0b08 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 11:52:04.0597 0x0b08 ProfSvc - ok 11:52:04.0618 0x0b08 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] ProtectedStorage C:\Windows\system32\lsass.exe 11:52:04.0634 0x0b08 ProtectedStorage - ok 11:52:04.0697 0x0b08 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 11:52:04.0777 0x0b08 Psched - ok 11:52:09.0670 0x0b08 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 11:52:14.0417 0x0b08 ql2300 - ok 11:52:14.0673 0x0b08 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 11:52:14.0720 0x0b08 ql40xx - ok 11:52:14.0809 
0x0b08 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 11:52:15.0122 0x0b08 QWAVE - ok 11:52:15.0191 0x0b08 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 11:52:15.0260 0x0b08 QWAVEdrv - ok 11:52:15.0285 0x0b08 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 11:52:15.0491 0x0b08 RasAcd - ok 11:52:15.0588 0x0b08 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 11:52:15.0862 0x0b08 RasAgileVpn - ok 11:52:15.0938 0x0b08 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 11:52:16.0096 0x0b08 RasAuto - ok 11:52:16.0308 0x0b08 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 11:52:16.0570 0x0b08 Rasl2tp - ok 11:52:16.0751 0x0b08 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 11:52:16.0821 0x0b08 RasMan - ok 11:52:16.0983 0x0b08 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 11:52:17.0096 0x0b08 RasPppoe - ok 11:52:17.0249 0x0b08 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:52:17.0338 0x0b08 RasSstp - ok 11:52:17.0528 0x0b08 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 
11:52:17.0632 0x0b08 rdbss - ok 11:52:17.0713 0x0b08 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 11:52:17.0771 0x0b08 rdpbus - ok 11:52:17.0917 0x0b08 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 11:52:18.0020 0x0b08 RDPCDD - ok 11:52:18.0108 0x0b08 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 11:52:18.0275 0x0b08 RDPDR - ok 11:52:18.0384 0x0b08 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 11:52:18.0457 0x0b08 RDPENCDD - ok 11:52:18.0480 0x0b08 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 11:52:18.0597 0x0b08 RDPREFMP - ok 11:52:23.0264 0x0b08 [ EAC76854C359D2534B25296AE425410D, B813FFD395AC0B969C56FD8B8D04DF6E72C39C8C2E714B03747A20D5723D58DD ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 11:52:27.0982 0x0b08 RdpVideoMiniport - ok 11:52:28.0114 0x0b08 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 11:52:28.0584 0x0b08 RDPWD - ok 11:52:28.0810 0x0b08 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:52:28.0894 0x0b08 rdyboost - ok 11:52:28.0998 0x0b08 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:52:29.0231 0x0b08 RemoteAccess - ok 11:52:29.0397 0x0b08 [ CB9A8683F4EF2BF99E123D79950D7935, 
B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:52:29.0529 0x0b08 RemoteRegistry - ok 11:52:29.0740 0x0b08 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:52:29.0891 0x0b08 RpcEptMapper - ok 11:52:29.0952 0x0b08 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 11:52:30.0078 0x0b08 RpcLocator - ok 11:52:30.0129 0x0b08 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll 11:52:30.0171 0x0b08 RpcSs - ok 11:52:30.0220 0x0b08 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:52:30.0291 0x0b08 rspndr - ok 11:52:30.0339 0x0b08 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys 11:52:30.0423 0x0b08 s3cap - ok 11:52:30.0443 0x0b08 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] SamSs C:\Windows\system32\lsass.exe 11:52:30.0458 0x0b08 SamSs - ok 11:52:30.0496 0x0b08 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:52:30.0520 0x0b08 sbp2port - ok 11:52:30.0553 0x0b08 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:52:30.0599 0x0b08 SCardSvr - ok 11:52:30.0628 0x0b08 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:52:30.0660 0x0b08 scfilter - ok 11:52:30.0746 0x0b08 [ 
A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll 11:52:30.0813 0x0b08 Schedule - ok 11:52:30.0842 0x0b08 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll 11:52:30.0882 0x0b08 SCPolicySvc - ok 11:52:30.0911 0x0b08 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 11:52:30.0939 0x0b08 SDRSVC - ok 11:52:30.0981 0x0b08 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:52:31.0020 0x0b08 secdrv - ok 11:52:31.0067 0x0b08 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 11:52:31.0111 0x0b08 seclogon - ok 11:52:31.0139 0x0b08 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll 11:52:31.0168 0x0b08 SENS - ok 11:52:31.0195 0x0b08 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:52:31.0254 0x0b08 SensrSvc - ok 11:52:31.0366 0x0b08 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 11:52:35.0920 0x0b08 Serenum - ok 11:52:40.0448 0x0b08 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 11:52:40.0839 0x0b08 Serial - ok 11:52:40.0961 0x0b08 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 11:52:41.0077 0x0b08 sermouse - ok 
11:52:41.0138 0x0b08 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 11:52:41.0292 0x0b08 SessionEnv - ok 11:52:41.0360 0x0b08 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 11:52:41.0462 0x0b08 sffdisk - ok 11:52:41.0504 0x0b08 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 11:52:41.0540 0x0b08 sffp_mmc - ok 11:52:41.0564 0x0b08 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 11:52:41.0604 0x0b08 sffp_sd - ok 11:52:41.0640 0x0b08 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 11:52:41.0655 0x0b08 sfloppy - ok 11:52:41.0784 0x0b08 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 11:52:41.0830 0x0b08 SharedAccess - ok 11:52:41.0897 0x0b08 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:52:41.0958 0x0b08 ShellHWDetection - ok 11:52:42.0011 0x0b08 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 11:52:42.0042 0x0b08 sisagp - ok 11:52:42.0075 0x0b08 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 11:52:42.0126 0x0b08 SiSRaid2 - ok 11:52:42.0157 0x0b08 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 
C:\Windows\system32\DRIVERS\sisraid4.sys 11:52:42.0190 0x0b08 SiSRaid4 - ok 11:52:42.0377 0x0b08 [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 11:52:42.0406 0x0b08 SkypeUpdate - ok 11:52:42.0438 0x0b08 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 11:52:42.0480 0x0b08 Smb - ok 11:52:42.0548 0x0b08 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:52:42.0595 0x0b08 SNMPTRAP - ok 11:52:42.0639 0x0b08 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 11:52:42.0664 0x0b08 spldr - ok 11:52:42.0777 0x0b08 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe 11:52:42.0906 0x0b08 Spooler - ok 11:52:43.0211 0x0b08 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 11:52:43.0368 0x0b08 sppsvc - ok 11:52:43.0416 0x0b08 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 11:52:43.0458 0x0b08 sppuinotify - ok 11:52:43.0524 0x0b08 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys 11:52:43.0603 0x0b08 srv - ok 11:52:43.0628 0x0b08 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:52:43.0665 0x0b08 srv2 - ok 11:52:43.0683 0x0b08 [ BE6BD660CAA6F291AE06A718A4FA8ABC, 
CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:52:43.0712 0x0b08 srvnet - ok 11:52:43.0749 0x0b08 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:52:43.0794 0x0b08 SSDPSRV - ok 11:52:43.0830 0x0b08 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:52:43.0890 0x0b08 SstpSvc - ok 11:52:44.0036 0x0b08 [ 914CE17FE3E542ACFE5ACD6646E2DFDB, B2F443C07686E75A06DD49645C544D792F438EEC8ACE715818775E60FFEFA720 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe 11:52:44.0100 0x0b08 Steam Client Service - ok 11:52:44.0153 0x0b08 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 11:52:44.0291 0x0b08 stexstor - ok 11:52:44.0368 0x0b08 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll 11:52:44.0587 0x0b08 StiSvc - ok 11:52:44.0600 0x0b08 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys 11:52:44.0619 0x0b08 storflt - ok 11:52:44.0657 0x0b08 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys 11:52:44.0682 0x0b08 storvsc - ok 11:52:44.0700 0x0b08 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys 11:52:44.0712 0x0b08 swenum - ok 11:52:44.0762 0x0b08 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll 11:52:44.0808 0x0b08 swprv - 
ok 11:52:44.0822 0x0b08 Synth3dVsc - ok 11:52:44.0885 0x0b08 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll 11:52:44.0992 0x0b08 SysMain - ok 11:52:45.0024 0x0b08 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll 11:52:45.0057 0x0b08 TabletInputService - ok 11:52:45.0080 0x0b08 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll 11:52:45.0138 0x0b08 TapiSrv - ok 11:52:45.0173 0x0b08 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll 11:52:45.0219 0x0b08 TBS - ok 11:52:45.0346 0x0b08 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:52:45.0415 0x0b08 Tcpip - ok 11:52:45.0497 0x0b08 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:52:45.0536 0x0b08 TCPIP6 - ok 11:52:45.0574 0x0b08 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:52:45.0594 0x0b08 tcpipreg - ok 11:52:45.0634 0x0b08 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 11:52:45.0664 0x0b08 TDPIPE - ok 11:52:45.0683 0x0b08 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 11:52:45.0725 0x0b08 TDTCP - ok 11:52:45.0751 0x0b08 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx 
C:\Windows\system32\DRIVERS\tdx.sys 11:52:45.0810 0x0b08 tdx - ok 11:52:45.0831 0x0b08 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys 11:52:45.0851 0x0b08 TermDD - ok 11:52:52.0720 0x0b08 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll 11:52:55.0269 0x0b08 TermService - ok 11:52:55.0328 0x0b08 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll 11:52:55.0422 0x0b08 Themes - ok 11:52:55.0443 0x0b08 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 11:52:55.0484 0x0b08 THREADORDER - ok 11:52:55.0635 0x0b08 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 11:52:55.0709 0x0b08 TrkWks - ok 11:52:55.0785 0x0b08 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:52:55.0950 0x0b08 TrustedInstaller - ok 11:52:56.0025 0x0b08 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 11:52:56.0052 0x0b08 tssecsrv - ok 11:52:56.0138 0x0b08 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:52:56.0280 0x0b08 TsUsbFlt - ok 11:52:56.0291 0x0b08 tsusbhub - ok 11:52:56.0331 0x0b08 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 11:52:56.0367 0x0b08 tunnel - ok 11:52:56.0385 0x0b08 [ 
750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 11:52:56.0411 0x0b08 uagp35 - ok 11:52:56.0465 0x0b08 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:52:56.0511 0x0b08 udfs - ok 11:52:56.0538 0x0b08 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:52:56.0573 0x0b08 UI0Detect - ok 11:52:56.0594 0x0b08 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:52:56.0611 0x0b08 uliagpkx - ok 11:52:56.0653 0x0b08 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys 11:52:56.0675 0x0b08 umbus - ok 11:52:56.0784 0x0b08 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 11:52:56.0861 0x0b08 UmPass - ok 11:52:56.0987 0x0b08 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll 11:52:57.0024 0x0b08 UmRdpService - ok 11:52:57.0055 0x0b08 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll 11:52:57.0106 0x0b08 upnphost - ok 11:52:57.0149 0x0b08 [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 11:52:57.0194 0x0b08 usbaudio - ok 11:52:57.0227 0x0b08 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 11:52:57.0313 
0x0b08 usbccgp - ok
11:54:15.0824 0x0b08 AV detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41000 ( enabled : updated )
11:54:15.0827 0x0b08 FW detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\wmiav.exe ( 15.0.2.361 ), 0x41010 ( enabled )
11:54:18.0272 0x0b08 ============================================================
11:54:18.0272 0x0b08 Scan finished
11:54:18.0272 0x0b08 ============================================================
11:54:18.0288 0x08c8 Detected object count: 0
11:54:18.0288 0x08c8 Actual detected object count: 0
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.07.22.01
rootkit: v2015.07.17.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17914
peer :: PEER-PC [administrator]

22.07.2015 10:06:34
mbar-log-2015-07-22 (10-06-34).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 307754
Time elapsed: 51 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 21
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]

Registry Keys Detected: 1
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cherimoya (Rootkit.cherimoya.A) -> Delete on reboot. [02c762824b3f85b151f132e735ce4bb5]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\Windows\System32\abengine.dll (Trojan.Proxy) -> Delete on reboot. [d8f18d575b2fa98d5075cb93639ee719]
C:\Program Files\Flwsrf\abengine.dll (Trojan.Proxy) -> Delete on reboot. [18b144a075155ed82b9a184635cc26da]
C:\Program Files\Flwsrf\abenginep.exe (Trojan.Agent) -> Delete on reboot. [21a874701e6ccc6ad1ef83db90718977]
C:\Program Files\Flwsrf\abenginew.exe (Trojan.Agent) -> Delete on reboot. [8f3a7d676822b185edd3401e14edc43c]
C:\Program Files\Flwsrf\abenginewd.dll (Trojan.Proxy) -> Delete on reboot. [5178ab392b5f48eea5218fcfef12649c]
C:\Windows\System32\drivers\Msft_Kernel_webinstrNHK_01009.Wdf (PUP.Optional.WebInstr.A) -> Delete on reboot. []

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
23.07.2015, 07:05 | #4 |
/// the machine /// TB-Ausbilder | Were the MBAR findings deleted? Please scan again, then: Scan with Combofix
__________________ Regards, schrauber |
23.07.2015, 15:55 | #5 |
| The MBAR findings were deleted, and I scanned again as well. There were no further messages. Combofix: Code:
ComboFix 15-07-23.01 - peer 23.07.2015 16:21:12.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.3070.2052 [GMT 2:00]
ausgeführt von:: c:\users\peer\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
C:\install.exe
c:\program files\shopperz
c:\program files\shopperz\installLog.txt
c:\users\peer\4ab6180e72a76b0a7267a8fbbf2748cb.jpg
c:\users\peer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmakluk.dll
c:\users\peer\AppData\Roaming\AnyProtectEx
c:\users\peer\AppData\Roaming\AnyProtectEx\installer\ab.test.json
c:\users\peer\AppData\Roaming\AnyProtectEx\installer\tempfile.t
c:\users\peer\AppData\Roaming\AnyProtectEx\swf\mov01.swf
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-06-23 bis 2015-07-23 ))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24 151576 ----a-w- c:\program files\Dropbox\Client\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24 151576 ----a-w- c:\program files\Dropbox\Client\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24 151576 ----a-w- c:\program files\Dropbox\Client\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24 151576 ----a-w- c:\program files\Dropbox\Client\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24 151576 ----a-w- c:\program files\Dropbox\Client\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24 151576 ----a-w- c:\program files\Dropbox\Client\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24 151576 ----a-w- c:\program files\Dropbox\Client\DropboxExt.26.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-07-07 19:24 151576 ----a-w- c:\program files\Dropbox\Client\DropboxExt.26.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\HydraVision\HydraDM.exe" [2013-12-06 389120]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2015-06-29 53282944]
"Steam"="c:\program files\Steam\steam.exe" [2015-07-21 2895552]
"GameTracker"="c:\program files\GameTracker\GTLite.exe" [2013-12-19 4019992]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-06-01 6405912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" [2013-12-06 747264]
"AVMWlanClient"="c:\program files\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"Dropbox"="c:\program files\Dropbox\Client\Dropbox.exe" [2015-07-07 44236896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2015-01-07 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FAH.lnk - c:\program files\WinZip\FAH\FAHConsole.exe [2015-6-16 453808]
WinZip Preloader.lnk - c:\program files\WinZip\WzPreloader.exe [2015-6-16 126176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 dbupdate;Dropbox-Update-Service (dbupdate);c:\program files\Dropbox\Update\DropboxUpdate.exe [2015-06-09 134512] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2015-06-03 327296] R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2010-10-22 4352] R3 BEService;BattlEye Service;c:\program files\Common Files\BattlEye\BEService.exe [2015-05-09 348032] R3 cpuz134;cpuz134;c:\users\peer\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [x] R3 dbupdatem;Dropbox-Update-Service (dbupdatem);c:\program files\Dropbox\Update\DropboxUpdate.exe [2015-06-09 134512] R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys [2010-10-22 586752] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-06-19 102912] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-06-11 15872] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys [2015-06-23 197864] S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys [2015-07-01 44208] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2015-06-23 34160] S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys [2015-06-23 23920] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2015-06-23 54328] S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys [2015-06-23 72560] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2015-06-23 157240] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-12-07 209408] S2 AVP15.0.2;Kaspersky Anti-Virus Service 15.0.2;c:\program files\Kaspersky Lab\Kaspersky Internet Security 
15.0.2\avp.exe [2015-06-23 194000] S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816] S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672] S2 ClaraUpdater;ClaraUpdater;c:\program files\Common Files\ClaraUpdater\ClaraUpdater.exe [2015-07-17 926832] S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992] S2 GS In-Game Service;GS In-Game Service;c:\program files\GameTracker\GSInGameService.exe [2013-12-19 1677080] S2 Internet Enhancer Service;Internet Enhancer Service;c:\program files\WajIntEnhance\WajIntEnhance Internet Enhancer\InternetEnhancerService.exe [2015-02-03 477696] S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys [2015-06-23 54640] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2013-09-24 77312] S3 k57nd60x;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888] S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys [2015-06-23 128728] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2015-06-23 36208] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2015-06-23 35696] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] utcsvc REG_MULTI_SZ DiagTrack . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-07-22 17:08 995144 ----a-w- c:\program files\Google\Chrome\Application\44.0.2403.89\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-19 12:24] . 
2015-07-23 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job - c:\program files\Dropbox\Update\DropboxUpdate.exe [2015-06-09 15:12] . 2015-07-23 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job - c:\program files\Dropbox\Update\DropboxUpdate.exe [2015-06-09 15:12] . 2015-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2015-01-06 15:41] . 2015-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2015-01-06 15:41] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = about:blank uInternet Settings,ProxyOverride = <-loopback> uSearchAssistant = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5H3z-5F1l27HhyU0OoTryrvFbsX6jim90UcD6M_QUitVg3K2_BuecGVRvARmle7zzwC2g3Oi7Xy5NLX51tajl8LnBtg4gxy40mkFFgKSpHz5VPteXqjtvxNZtQYj-Otd6MicaE1FNa9HG_7iSbTdgbw_&q={searchTerms} IE: {{5547CE1F-74E9-41E5-9CBF-5211ECC37341} - {BB7DC12B-C59D-4138-AD28-BBB65DE62A3B} - c:\program files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll TCP: DhcpNameServer = 192.168.1.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) HKLM-Run-BlueStacks Agent - c:\program files\BlueStacks\HD-Agent.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'Explorer.exe'(8360) c:\program files\ATI Technologies\HydraVision\HydraDMH.dll . ------------------------ Weitere laufende Prozesse ------------------------ . 
c:\windows\system32\atieclxx.exe c:\program files\avmwlanstick\WlanNetService.exe c:\windows\system32\taskhost.exe c:\program files\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe c:\windows\system32\conhost.exe c:\windows\system32\GWX\GWX.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\windows\system32\sppsvc.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe c:\program files\WinZip\FAH\FAHWindow32.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-07-23 16:46:34 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-07-23 14:46 . Vor Suchlauf: 9 Verzeichnis(se), 154.984.755.200 Bytes frei Nach Suchlauf: 14 Verzeichnis(se), 154.882.879.488 Bytes frei . - - End Of File - - 70204E7FFFEEB6A168BFEFA97D8EEAA1 A36C5E4F47E84449FF07ED3517B43A31
PS: It's possible that my brother installed a few new programs. |
24.07.2015, 06:49 | #6 |
/// the machine /// TB Trainer | PC hangs every few seconds & programs run slower
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your protection software to avoid possible conflicts.
And a fresh FRST log, please.