Log analysis and evaluation: Windows 7: Programs won't open and/or take forever, error messages like "microsoft explorer not responding", black screen

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
31.08.2015, 23:38 | #1 |
Hello to the forum! I hope you can help me!

On my PC with Windows 7, everything suddenly became extremely slow while "working", until I got a blue screen with some error message. PC off and on again - it was still extremely slow, and I got pop-up error messages without end, most often saying that Microsoft Explorer is not working and that I have to wait or close it... The PC is only really usable in safe mode. When I am in normal mode, I easily wait 10 minutes until a folder opens... but sometimes everything runs quickly again like before!? And then a black screen also keeps coming up for a few minutes until it disappears, but sometimes it stays forever...

Malwarebytes and AdwCleaner did not help me. I could not run a full scan with my Kaspersky Internet Security antivirus program, so I have no log file from it. I bought the PC used about a month ago, deleted a lot of malware from it, and after that it ran like a charm... well... I can't get any further and urgently need help.

I hope I have followed all the rules and norms, and I thank my future helper in advance!!!

Here are my logs, which I had to create in safe mode:

Defogger_Disable.log:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 03:07 on 31/08/2015 (xxx)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015
durchgeführt von xxx (Administrator) auf XXX (31-08-2015 03:54:20)
Gestartet von C:\Users\xxx\Desktop
Geladene Profile: xxx (Verfügbare Profile: xxx)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Safe Mode (with Networking)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2011-12-22] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (Der Dateneintrag hat 36 mehr Zeichen).
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [bdruninstaller] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"setupdownloader.exe" /args:"/token:64b /after_restart"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-08-29] (BitTorrent Inc.)
HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
GroupPolicyScripts: Gruppenrichtline erkannt <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49737;https=127.0.0.1:49737 Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{6EF27CF9-2594-4B68-8B80-9276E723E19E}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{8541C6AF-41FF-4C87-A65C-38721CCEE50C}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{FD42EE94-C8AB-4635-97A2-B585F803CAB0}: [DhcpNameServer] 193.189.244.206 193.189.244.225 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKU\S-1-5-21-3674743092-987190976-2435912599-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-3674743092-987190976-2435912599-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 
15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-08] (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-08] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-29] (Oracle Corporation) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-29] (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 
15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833 FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-08-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-08-10] () FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei] FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-29] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com [2015-08-08] () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com [2015-08-30] () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-08-08] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-18] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-12-18] (Apple Inc.) 
FF Extension: YouTube Unblocker - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\youtubeunblocker@unblocker.yt [2015-08-06] FF Extension: Flashblock - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-08-05] FF Extension: Adblock Plus Pop-up Addon - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\adblockpopups@jessehakanen.net.xpi [2015-08-19] FF Extension: Ghostery - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\firefox@ghostery.com.xpi [2015-08-08] FF Extension: Stop YouTube Autoplay - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\jid0-Pm0nbsggUvL00CBoW6YwCaqv8bk@jetpack.xpi [2015-08-17] FF Extension: NoScript - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-08-08] FF Extension: Adblock Plus - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-24] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com [2015-08-08] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-08-08] FF 
HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\url_advisor@kaspersky.com [2015-08-08] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\anti_banner@kaspersky.com [2015-08-08] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com [2015-08-08] Chrome: ======= CHR dev: Chrome dev build erkannt! <======= ACHTUNG CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation) S2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] () [Datei ist nicht signiert] S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert] S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-08-30] (SurfRight B.V.) S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1823952 2015-08-05] (AnchorFree Inc.) S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-08-05] () S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [846544 2015-08-05] () S2 i2p; C:\Program Files (x86)\i2p\I2Psvc.exe [389632 2015-08-11] (Tanuki Software, Ltd.) 
[Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2015-08-04] (The OpenVPN Project) S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-20] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert] S2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-08-13] (Microsoft Corporation) [Datei ist nicht signiert] S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44648 2015-06-04] (AnchorFree Inc.) 
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-08-08] (Kaspersky Lab ZAO) S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-08-08] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO) S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-31] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Datei ist nicht signiert] S2 npf; C:\Windows\System32\drivers\npf.sys [36600 2015-06-01] (Riverbed Technology, Inc.) S1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] () R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2011-12-22] (Synaptics Incorporated) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42088 2015-06-04] (Anchorfree Inc.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) 
[Datei ist nicht signiert] S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation) S2 uxstyle; \??\C:\Windows\system32\Drivers\uxstyle.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-31 03:22 - 2015-08-31 03:22 - 00021289 _____ C:\Users\xxx\Desktop\Addition.txt 2015-08-31 03:21 - 2015-08-31 03:54 - 00007819 _____ C:\Users\xxx\Desktop\FRST.txt 2015-08-31 03:21 - 2015-08-31 03:54 - 00000000 ____D C:\FRST 2015-08-31 03:07 - 2015-08-31 03:07 - 00000468 _____ C:\Users\xxx\Desktop\defogger_disable.log 2015-08-31 03:07 - 2015-08-31 03:07 - 00000000 _____ C:\Users\xxx\defogger_reenable 2015-08-31 02:44 - 2015-08-31 02:44 - 00003818 _____ C:\Users\xxx\Desktop\eset.txt 2015-08-31 02:25 - 2015-08-31 02:25 - 00380416 _____ C:\Users\xxx\Desktop\9ie9fcez.exe 2015-08-31 02:22 - 2015-08-31 02:22 - 02188288 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe 2015-08-31 02:15 - 2015-08-31 02:15 - 00050477 _____ C:\Users\xxx\Desktop\Defogger.exe 2015-08-31 00:17 - 2015-08-31 00:17 - 00003360 ____N C:\bootsqm.dat 2015-08-30 23:20 - 2015-08-30 23:20 - 00008754 _____ C:\HitmanPro_20150830_2320.log 2015-08-30 21:55 - 2015-08-30 23:19 - 00000640 _____ C:\Windows\system32\.crusader 2015-08-30 21:44 - 2015-08-30 21:44 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2015-08-30 21:44 - 2015-08-30 21:44 - 00000000 ____D C:\Program Files\HitmanPro 2015-08-30 21:41 - 2015-08-30 21:43 - 11352032 _____ (SurfRight B.V.) 
C:\Users\xxx\Downloads\HitmanPro_x64.exe 2015-08-30 21:40 - 2015-08-30 21:56 - 00000000 ____D C:\ProgramData\HitmanPro 2015-08-30 19:22 - 2015-08-30 19:22 - 00299544 _____ C:\Windows\Minidump\083015-20280-01.dmp 2015-08-29 01:34 - 2015-08-29 01:34 - 00332344 _____ C:\Windows\Minidump\082915-32900-01.dmp 2015-08-29 01:33 - 2015-08-30 19:22 - 487727759 _____ C:\Windows\MEMORY.DMP 2015-08-28 23:21 - 2015-08-29 00:38 - 00000000 ____D C:\Users\xxx\Downloads\MW3 ChromatiX 2015-08-27 23:12 - 2015-08-27 23:12 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2B0C5369.sys 2015-08-26 02:33 - 2015-08-31 01:09 - 00000000 ____D C:\Users\xxx\Desktop\xbab[mp3freex.com] 2015-08-25 23:16 - 2015-08-25 23:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\61973A00.sys 2015-08-20 01:32 - 2015-08-20 01:33 - 00000000 ____D C:\Users\xxx\Desktop\Games 2015-08-19 22:03 - 2015-08-19 22:03 - 00000218 _____ C:\Users\xxx\AppData\Local\recently-used.xbel 2015-08-19 18:04 - 2015-08-19 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr 2015-08-19 18:02 - 2015-08-19 18:02 - 00000000 ____D C:\Program Files (x86)\Aspyr 2015-08-19 11:52 - 2015-08-19 17:24 - 00000328 _____ C:\Windows\Tasks\LoudProof.job 2015-08-19 11:52 - 2015-08-19 17:20 - 00000000 ____D C:\ProgramData\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f} 2015-08-19 11:52 - 2015-08-19 11:52 - 00003236 _____ C:\Windows\System32\Tasks\LoudProof 2015-08-19 11:22 - 2015-08-26 23:07 - 00000000 ____D C:\Users\xxx\AppData\Local\NFS Underground 2 2015-08-19 11:17 - 2015-08-19 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES 2015-08-19 11:15 - 2015-08-19 11:15 - 00000000 ____D C:\Program Files (x86)\EA GAMES 2015-08-19 11:07 - 2015-08-31 01:05 - 00000000 ____D C:\Users\xxx\Downloads\nfsu2 2015-08-19 02:14 - 2015-08-19 02:14 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade 2015-08-19 01:53 - 2015-08-19 11:22 - 00000000 ____D 
C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-08-19 01:49 - 2015-08-19 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision 2015-08-19 01:49 - 2015-08-19 01:49 - 00000000 ____D C:\Program Files (x86)\Activision 2015-08-19 01:44 - 2015-08-19 01:44 - 00000000 ____D C:\ProgramData\Steam 2015-08-19 01:39 - 2015-08-19 17:50 - 00000000 ____D C:\Program Files (x86)\Age of Empires II HD The Forgotten 2015-08-18 19:46 - 2015-08-18 19:47 - 65444688 _____ (Microsoft Corporation) C:\Users\xxx\Downloads\NDP46-KB3045557-x86-x64-AllOS-ENU.exe 2015-08-18 19:43 - 2015-08-18 20:01 - 00037993 _____ C:\Users\xxx\Documents\Unbenannt1.cpp 2015-08-18 16:31 - 2015-08-18 16:31 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Dev-Cpp 2015-08-18 13:17 - 2015-08-18 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++ 2015-08-18 13:16 - 2015-08-18 13:16 - 00000000 ____D C:\Users\xxx\Desktop\Dev-Cpp 2015-08-18 01:00 - 2015-08-18 09:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-13 10:08 - 2015-08-13 22:35 - 00003234 _____ C:\Windows\System32\Tasks\SidebarExecute 2015-08-13 06:11 - 2015-08-13 06:11 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\0CCB001E.sys 2015-08-13 05:59 - 2015-08-13 05:59 - 00000000 ____D C:\Users\xxx\Downloads\7tsp_Vs_se7en_Pack 2015-08-13 05:46 - 2015-08-13 06:06 - 00000000 ____D C:\Windows\system32\Taskman 2015-08-13 04:36 - 2015-08-13 04:36 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Windows SideBar 2015-08-13 04:31 - 2015-08-13 05:07 - 00000000 ____D C:\Gadgets 2015-08-13 03:55 - 2015-08-19 10:50 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8E1BA6FC-3CD5-40FE-A806-F7D9A8078D70} 2015-08-13 00:04 - 2015-08-13 03:34 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\22116713.sys 2015-08-12 17:02 - 2015-08-12 17:02 - 00113880 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\7ED024B6.sys 2015-08-12 17:00 - 2015-08-12 17:00 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1B282295.sys 2015-08-12 16:13 - 2015-08-12 16:13 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield 2015-08-12 16:10 - 2015-08-12 16:10 - 00262144 _____ C:\Windows\system32\config\elam 2015-08-11 10:28 - 2015-08-31 03:42 - 00002914 _____ C:\Windows\setupact.log 2015-08-11 10:28 - 2015-08-11 10:28 - 00000000 _____ C:\Windows\setuperr.log 2015-08-11 10:27 - 2015-08-29 01:33 - 00064998 _____ C:\Windows\PFRO.log 2015-08-11 03:22 - 2015-08-11 03:22 - 00032178 _____ C:\Users\xxx\Documents\cc_20150811_032249.reg 2015-08-11 03:05 - 2015-08-11 03:05 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashRpt 2015-08-11 02:55 - 2015-08-11 03:04 - 00000000 ____D C:\ProgramData\Hotspot Shield 2015-08-11 02:55 - 2015-08-11 02:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield 2015-08-11 02:54 - 2015-08-20 01:37 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2015-08-11 02:54 - 2015-08-11 02:54 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Hotspot Shield 2015-08-11 02:54 - 2015-06-04 01:02 - 00044648 _____ (AnchorFree Inc.) 
C:\Windows\system32\Drivers\hssdrv6.sys 2015-08-11 02:34 - 2015-08-11 02:34 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\I2P 2015-08-11 01:30 - 2015-08-31 03:42 - 00000000 ____D C:\ProgramData\i2p 2015-08-11 01:20 - 2015-08-19 17:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\I2P 2015-08-11 01:18 - 2015-08-30 19:26 - 00000000 ____D C:\Program Files (x86)\i2p 2015-08-11 01:18 - 2015-08-11 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I2P 2015-08-10 23:03 - 2015-08-11 03:18 - 00000000 ____D C:\Program Files (x86)\Tor Browser 2015-08-10 22:40 - 2015-08-10 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN 2015-08-10 22:40 - 2015-08-10 22:41 - 00000000 ____D C:\Program Files\OpenVPN 2015-08-10 15:21 - 2015-08-10 15:21 - 04072200 _____ C:\Users\xxx\Downloads\TeknoMW3_ServerTool_1.5.8_ServerMonitor_1.1.exe 2015-08-10 12:21 - 2015-08-10 12:21 - 00000000 ____D C:\Users\xxx\AppData\Local\IsolatedStorage 2015-08-09 02:01 - 2015-08-11 04:54 - 00000000 ____D C:\Users\xxx\.zenmap 2015-08-09 02:00 - 2015-08-09 02:00 - 00000000 ____D C:\Program Files\WinPcap 2015-08-09 01:59 - 2015-08-09 02:01 - 00000000 ____D C:\Program Files (x86)\Nmap 2015-08-09 01:58 - 2015-08-19 01:37 - 00000000 ____D C:\Users\xxx\AppData\Roaming\inkscape 2015-08-08 23:13 - 2015-08-08 23:13 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk 2015-08-08 23:09 - 2015-08-08 23:13 - 00000000 ____D C:\Program Files (x86)\Inkscape 2015-08-08 17:57 - 2015-08-08 17:57 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\6A4515E8.sys 2015-08-08 16:42 - 2015-08-08 16:42 - 00000000 ____D C:\Program Files (x86)\Stardock 2015-08-08 16:15 - 2015-08-08 16:15 - 00000000 ____D C:\ProgramData\Stardock 2015-08-08 16:02 - 2015-08-08 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock 2015-08-08 16:02 - 2015-08-08 16:02 - 00000000 ____D 
C:\Users\xxx\AppData\Local\Stardock 2015-08-08 16:02 - 2015-08-08 16:02 - 00000000 ____D C:\Users\Public\Documents\Stardock 2015-08-08 15:43 - 2015-08-08 15:43 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry 2015-08-08 15:33 - 2015-08-12 16:10 - 00000000 ____D C:\ProgramData\{430548d0-bab8-9b04-4305-548d0bab2342} 2015-08-08 15:33 - 2015-08-08 16:53 - 00000338 _____ C:\Windows\Tasks\AlcoProof.job 2015-08-08 15:33 - 2015-08-08 15:33 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Purposeful Advice 2015-08-08 15:21 - 2015-08-08 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2015-08-08 15:20 - 2015-08-31 03:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-08-08 15:20 - 2015-08-08 15:20 - 00000000 ____D C:\Windows\ELAMBKUP 2015-08-08 15:20 - 2015-08-08 15:20 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2015-08-08 15:20 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2015-08-08 15:19 - 2015-08-08 15:55 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2015-08-08 15:19 - 2015-08-08 15:55 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2015-08-08 15:19 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys 2015-08-08 15:14 - 2015-08-08 15:14 - 00270632 _____ C:\ProgramData\1439035440.bdinstall.bin 2015-08-07 12:49 - 2015-08-07 13:35 - 00000000 ____D C:\Users\xxx\Documents\VirtualDJ 2015-08-07 12:49 - 2015-08-07 12:49 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2015-08-07 12:49 - 2015-08-07 12:49 - 00000000 ____D C:\Program Files (x86)\VirtualDJ 2015-08-04 17:16 - 2015-08-04 17:16 - 00000000 ____D C:\Users\xxx\AppData\Roaming\IrfanView ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-31 03:49 - 2015-06-20 11:53 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc 2015-08-31 03:49 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-31 03:49 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-31 03:48 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-31 03:45 - 2013-02-27 00:40 - 01478942 _____ C:\Windows\WindowsUpdate.log 2015-08-31 03:42 - 2015-07-15 02:52 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-31 03:42 - 2015-07-13 02:40 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype 2015-08-31 03:42 - 2015-06-20 01:20 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent 2015-08-31 03:42 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-31 03:10 - 2015-04-19 14:20 - 00000554 _____ C:\Users\xxx\AppData\Roaming\a55CxS51lp6oDbN 2015-08-31 03:07 - 2015-06-19 01:57 - 00000000 ____D C:\Users\xxx 2015-08-31 02:53 - 2015-06-21 18:51 - 00000000 ____D C:\AdwCleaner 2015-08-31 01:14 - 2015-06-19 21:46 - 00000000 ___RD C:\Users\xxx\Desktop\Stuff 2015-08-31 01:07 - 2015-06-20 16:40 - 00000000 ____D C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^ 2015-08-30 19:22 - 2015-07-18 20:02 - 00000000 ____D C:\Windows\Minidump 2015-08-30 13:54 - 2015-07-14 20:56 - 00000000 ____D C:\Users\xxx\.VirtualBox 2015-08-29 06:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-08-29 03:56 - 2015-07-15 03:42 - 00000000 ____D C:\Program Files (x86)\7tsp 2015-08-29 03:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors 2015-08-29 03:12 - 2013-04-25 20:08 - 00000000 ____D C:\ProgramData\Skype 2015-08-26 20:40 - 2015-06-20 00:55 - 00000000 ____D C:\Users\xxx\AppData\Local\TeknoGods 2015-08-26 02:56 - 2011-04-12 09:43 - 00699666 _____ 
C:\Windows\system32\perfh007.dat 2015-08-26 02:56 - 2011-04-12 09:43 - 00149774 _____ C:\Windows\system32\perfc007.dat 2015-08-26 02:56 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-20 12:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2015-08-19 17:21 - 2015-06-19 01:58 - 00001421 _____ C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-18 19:57 - 2014-01-04 12:35 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-08-18 19:47 - 2015-07-13 18:34 - 00000000 ____D C:\Users\xxx\Documents\Visual Studio 2013 2015-08-18 09:13 - 2013-03-15 16:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-13 22:33 - 2009-07-14 06:45 - 04875472 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 05:37 - 2010-11-21 05:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2015-08-13 05:37 - 2009-07-14 01:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2015-08-13 05:37 - 2009-07-14 01:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll 2015-08-13 04:47 - 2015-06-21 05:23 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT 2015-08-10 23:21 - 2015-06-19 01:57 - 00000000 ____D C:\Users\xxx\AppData\Local\VirtualStore 2015-08-10 01:41 - 2015-06-20 07:22 - 00000000 ____D C:\Users\xxx\AppData\Local\Adobe 2015-08-10 01:41 - 2013-04-25 19:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-10 01:41 - 2013-04-25 19:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-08 14:06 - 2015-07-14 00:48 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2015-08-07 12:57 - 2015-06-20 23:34 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPUCooL ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-19 14:20 - 2015-08-31 03:10 - 0000554 _____ 
() C:\Users\xxx\AppData\Roaming\a55CxS51lp6oDbN 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\Users\xxx\AppData\Roaming\Sci-Fi 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\Users\xxx\AppData\Roaming\Screen Saver 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\Users\xxx\AppData\Roaming\Screen Savers 2015-08-19 22:03 - 2015-08-19 22:03 - 0000218 _____ () C:\Users\xxx\AppData\Local\recently-used.xbel 2015-06-21 13:09 - 2015-06-21 13:09 - 0007605 _____ () C:\Users\xxx\AppData\Local\Resmon.ResmonCfg 2015-08-08 15:14 - 2015-08-08 15:14 - 0270632 _____ () C:\ProgramData\1439035440.bdinstall.bin 2015-06-21 05:23 - 2015-06-21 05:23 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT 2015-06-21 05:23 - 2015-08-13 04:47 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT 2015-06-21 05:23 - 2015-06-21 05:23 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\ProgramData\Services 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\ProgramData\SingleFiles 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\ProgramData\Smooth Strings Einige Dateien in TEMP: ==================== C:\Users\xxx\AppData\Local\Temp\11d590cff4f84ae384ade7c1d0afc4f3.dll C:\Users\xxx\AppData\Local\Temp\12cd0626caa34310af61e370f35eb6db.dll C:\Users\xxx\AppData\Local\Temp\14dafad713ac494b816443bdc836f37f.dll C:\Users\xxx\AppData\Local\Temp\14e508d49cd442158cd9d52b98b3d506.dll C:\Users\xxx\AppData\Local\Temp\2dfa3d5861f74101bc780dda0bcfd1fa.dll C:\Users\xxx\AppData\Local\Temp\31a6cee590ac4043b656da8e0595e1d8.dll C:\Users\xxx\AppData\Local\Temp\35eceddb983b4a2cac8b76ed7429d294.dll C:\Users\xxx\AppData\Local\Temp\3a4be230186f43f19f0b4016d189c85f.dll C:\Users\xxx\AppData\Local\Temp\3eeb51b3723447498a49b9a74a3e9adf.dll C:\Users\xxx\AppData\Local\Temp\44e5563ff2c34e7db3a8f2ed82480111.dll C:\Users\xxx\AppData\Local\Temp\47167afdb6d946aebcb91474d3a89139.dll C:\Users\xxx\AppData\Local\Temp\475f88b715d2492ca77f54e52b96587e.dll 
C:\Users\xxx\AppData\Local\Temp\49c0473ed2bd414e9ec857fabd644ed7.dll C:\Users\xxx\AppData\Local\Temp\51b34e2700484fa3b83272cfdfeea9ce.dll C:\Users\xxx\AppData\Local\Temp\529a1aea68314b199102a761ea15d255.dll C:\Users\xxx\AppData\Local\Temp\5f703dc7af4a458485133e098842329d.dll C:\Users\xxx\AppData\Local\Temp\650fbc9470004a02bafee4cf79051683.dll C:\Users\xxx\AppData\Local\Temp\68fc1c1ba1cd4507a5d442a5b9181fa3.dll C:\Users\xxx\AppData\Local\Temp\6d45f5c516be423da169b3061c2a63d4.dll C:\Users\xxx\AppData\Local\Temp\6db1824c4e214a5eb1f1104b44b947a1.dll C:\Users\xxx\AppData\Local\Temp\8fc6335c749b4299a2fd33d13923d75d.dll C:\Users\xxx\AppData\Local\Temp\920fba4d59a14eb4bcbbe40b25a308c4.dll C:\Users\xxx\AppData\Local\Temp\940903881ace4980b949ad919dd362d5.dll C:\Users\xxx\AppData\Local\Temp\96c23eec399e42c4a30cbf969a463455.dll C:\Users\xxx\AppData\Local\Temp\96c68ba6661b4700810c8a9059e93cf8.dll C:\Users\xxx\AppData\Local\Temp\99653f456d51477a8f82d52c2ed1d6bd.dll C:\Users\xxx\AppData\Local\Temp\9b9cea71eb83436288cb42dafde6ab74.dll C:\Users\xxx\AppData\Local\Temp\9cc4e736dd9b4c67b44a451609c98fad.dll C:\Users\xxx\AppData\Local\Temp\a381e3fdfafc4e3db26f3b3a8ad06ba0.dll C:\Users\xxx\AppData\Local\Temp\ad9e0686a724437c870c2c32704f936b.dll C:\Users\xxx\AppData\Local\Temp\AutoRun.exe C:\Users\xxx\AppData\Local\Temp\AutoRunGUI.dll C:\Users\xxx\AppData\Local\Temp\b36d970cdfe94a8b9520239351190ebf.dll C:\Users\xxx\AppData\Local\Temp\b7f94411c5ed48f6939a0be97b876565.dll C:\Users\xxx\AppData\Local\Temp\b89ae9f245d9474184d33dc5549575f9.dll C:\Users\xxx\AppData\Local\Temp\bass.dll C:\Users\xxx\AppData\Local\Temp\c17f53c590f54eddb8be2f94fe3e30c6.dll C:\Users\xxx\AppData\Local\Temp\c6adfdf6d5a94aafa9dab851e1870300.dll C:\Users\xxx\AppData\Local\Temp\c9dc9a049a554cf6b724f9cedf7fe0ab.dll C:\Users\xxx\AppData\Local\Temp\cb4682c969aa4afd812fbbeb67afb6cc.dll C:\Users\xxx\AppData\Local\Temp\cdabcc656d75485fa72d9870964fe2d5.dll C:\Users\xxx\AppData\Local\Temp\ce5b1916dc9e4a349f58da1cd92fd1d1.dll 
C:\Users\xxx\AppData\Local\Temp\d72ad769917a4da580b53eb4dca24fe5.dll
C:\Users\xxx\AppData\Local\Temp\d87d405cecbb4879a135fdbb265ef560.dll
C:\Users\xxx\AppData\Local\Temp\d9c5bf8700d745bda95935d86a1f9f9d.dll
C:\Users\xxx\AppData\Local\Temp\e4f4c40b55214200bdc7915838a24611.dll
C:\Users\xxx\AppData\Local\Temp\eauninstall.exe
C:\Users\xxx\AppData\Local\Temp\f05571a057bd47b1bb0d2cbf135a27c3.dll
C:\Users\xxx\AppData\Local\Temp\f9a74a53082d4fbf92257c06667146f6.dll
C:\Users\xxx\AppData\Local\Temp\fc0e5d9358c445019ad28db22080f4e7.dll
C:\Users\xxx\AppData\Local\Temp\fd75ddd6aca14f6a97ea94e42e36220f.dll
C:\Users\xxx\AppData\Local\Temp\hss_update.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-08-04 02:09

==================== Ende von FRST.txt ============================

Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-08-2015
durchgeführt von xxx (2015-08-31 03:22:37)
Gestartet von C:\Users\xxx\Desktop
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3674743092-987190976-2435912599-500 - Administrator - Disabled)
Gast (S-1-5-21-3674743092-987190976-2435912599-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3674743092-987190976-2435912599-1004 - Limited - Enabled)
xxx (S-1-5-21-3674743092-987190976-2435912599-1003 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3674743092-987190976-2435912599-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) Age of Empires II HD The Forgotten (HKLM-x32\...\QWdlb2ZFbXBpcmVzSUlIRFRoZUZvcmdvdHRlbg==_is1) (Version: 1 - ) AMD Catalyst Install Manager (HKLM\...\{F856881A-D370-B1A7-2AFF-128F4AA93558}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.) 
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version: - ) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.) Hotspot Shield 4.20.5 (HKLM-x32\...\HotspotShield) (Version: 4.20.5 - AnchorFree Inc.) 
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - ) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) IsoBuster 3.6 (HKLM-x32\...\IsoBuster_is1) (Version: 3.6 - Smart Projects) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden Kaspersky Internet Security Technical Preview (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Kaspersky Internet Security Technical Preview (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden Mac OS X Cursors (HKLM-x32\...\48AEB547-6B1C-4CFC-957B-E11C22C8A25F) (Version: 1.1 - www.46palermo.com) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) 
(HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) 
(Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 
12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation) Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation) Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - ) Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla) Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - ) Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon) Nmap 6.49BETA4 (HKLM-x32\...\Nmap) (Version: - ) Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) OpenVPN 2.3.8-I601 (HKLM\...\OpenVPN) (Version: 2.3.8-I601 - ) Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden Premium Sound HD 
(HKLM\...\{439A73C2-8CFA-4630-8484-36BCA2AEBB0A}) (Version: 1.12.0300 - SRS Labs, Inc.) Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RawTherapee Version 4.1 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 4.1 - rawtherapee.com) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39013 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) Stardock CursorFX (HKLM-x32\...\CursorFX) (Version: 2.16 - Stardock Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.39.0 - Synaptics Incorporated) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium) Tony Hawk's Pro Skater 2 (HKLM-x32\...\Activision_THPS2UninstallKey) (Version: - ) Tony Hawks Pro Skater 4 (HKLM-x32\...\{E0F07676-2C60-4465-A727-20DE3BFCABAC}) (Version: 1.00.0000 - Aspyr Media) TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.8 - TOSHIBA Corporation) TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation) 
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VirtualDJ 8 (HKLM-x32\...\{F7A68F9D-BBF0-48FF-B138-2EFB5165638C}) (Version: 8.0.2048.0 - Atomix Productions) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ___RA C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0BE85537-5689-4DEC-A3DC-38D5103862F5} - System32\Tasks\LoudProof => c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}\gamesetup.exe <==== ACHTUNG
Task: {1866A771-138D-42A2-A49E-75E52E7A73E2} - \Winsta Update -> Keine Datei <==== ACHTUNG
Task: {1EFEA92F-7139-4B35-90E8-A70F424EE846} - \avabvbavad -> Keine Datei <==== ACHTUNG
Task: {22479C06-B56A-465A-85A8-2023774CA229} - \AdobeAAMUpdater-1.0-Toshiba-xxx -> Keine Datei <==== ACHTUNG
Task: {3A062199-CB44-413C-8C4D-3B2D460E9169} - \DFOZSNJILP -> Keine Datei <==== ACHTUNG
Task: {43CDEEEB-2B15-4B93-A047-D0E04BEFB0D2} - \SmartWeb Upgrade Trigger Task -> Keine Datei <==== ACHTUNG
Task: {54A49564-469B-42CD-A0B6-D40B54CA3262} - \{F05C6774-D1E3-400A-BF54-41B6C72D18A2} -> Keine Datei <==== ACHTUNG
Task: {6B4F8AD2-B802-4DD1-B75C-64B14A7F8AA3} - \{FE848F92-98FB-4AE7-8ACF-723F8C49ACFA} -> Keine Datei <==== ACHTUNG
Task: {80B64C67-A468-4821-9528-DBCA0ED3D8E9} - \AlcoProof -> Keine Datei <==== ACHTUNG
Task: {92C91CDB-6A66-4AB3-A6C0-7469F499F2A5} - \{4F923200-1F8D-4530-B555-4126DD1B7551} -> Keine Datei <==== ACHTUNG
Task: {A252F268-C7A4-4D31-A02A-01313845B979} - \{6654E48F-0F72-403A-A2D3-22F84DE6DC43} -> Keine Datei <==== ACHTUNG
Task: {AAE6A730-1FD5-49F5-B490-24D0FB6DF6B9} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe
Task: {BD523089-A475-47B5-868E-191D7A91078C} - \Convertor -> Keine Datei <==== ACHTUNG
Task: {BF4E57C6-DED3-4243-BE72-8BC467A5D265} - \ProPCCleaner_Start -> Keine Datei <==== ACHTUNG
Task: {CAD68D5D-6CFD-45D5-94DC-BB00116DF5AB} - \{25059126-90E9-4B17-9F87-45C87C21A8BF} -> Keine Datei <==== ACHTUNG
Task: {CE157836-4F37-44AF-A43C-C1BA6D1B3BE9} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {F65255A3-6739-4815-B76A-B14C22706714} - \ProPCCleaner_Popup -> Keine Datei <==== ACHTUNG
Task: {F9E8E8DD-1416-49B9-A373-234659E52054} - \WinKit -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\AlcoProof.job => c:\programdata\{430548d0-bab8-9b04-4305-548d0bab2342}\kis-2015 patch.exe <==== ACHTUNG
Task: C:\Windows\Tasks\LoudProof.job => c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}\gamesetup.exe <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

Gmer.txt:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-31 08:58:47
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MQ01ABD100 rev.AX002M 931,51GB
Running: 9ie9fcez.exe; Driver: C:\Users\xxx\AppData\Local\Temp\pxldipow.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\446d57d52051 (not active ControlSet)
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\446d57d52051
Reg HKLM\SYSTEM\ControlSet004\services\BTHPORT\Parameters\Keys\446d57d52051 (not active ControlSet)

---- EOF - GMER 2.1 ----

Code:
HitmanPro 3.7.9.245
www.hitmanpro.com

   Computer name . . . . : XXX
   Windows . . . . . . . : 6.1.1.7601.X64/8
   Safe Mode Boot . . . : NETWORK
   User name . . . . . . : XXX\xxx
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Trial (29 days left)

   Scan date . . . . . . : 2015-08-31 23:34:16
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 8m 57s
   Disk access mode . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot . . . . . . . : No

   Threats . . . . . . . : 3
   Traces . . . . . . . : 9

   Objects scanned . . . : 2.066.943
   Files scanned . . . . : 115.049
   Remnants scanned . . : 675.782 files / 1.276.112 keys

Malware _____________________________________________________________________

   C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\multi-player.exe
      Size . . . . . . . : 8.045.588 bytes
      Age . . . . . . . : 21.4 days (2015-08-10 14:40:18)
      Entropy . . . . . : 8.0
      SHA-256 . . . . . : 19BF61F477F8A0653ECB6EE3EA87F78DC297E31136E69FB670B166BC9DBDEC62
    > Bitdefender . . . : Trojan.Generic.12373416
      Fuzzy . . . . . . : 109.0
      References
         HKU\S-1-5-21-3674743092-987190976-2435912599-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\multi-player.exe
      Forensic Cluster
         -1.0s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\exposed.dll
         -0.9s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\gener.dll
         -0.9s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\generico.dll
         -0.9s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\How-to-play-after-update.txt
         0.0s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\multi-player.exe
         0.8s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\MW3 Launcher Update.exe
         0.8s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\single-player.exe
         0.9s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\steam_appid.txt
         1.2s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\VMProtectSDK32.dll
         1.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\dw\Favorities.slist
         1.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\main\0.sdm
         1.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\main\42695.sdm
         1.3s C:\Users\xxx\Downloads\Call
of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\main\42696.sdm 1.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\main\42697.sdm 1.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\main\42698.sdm C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\TeknoMW3.dll Size . . . . . . . : 1.158.144 bytes Age . . . . . . . : 21.4 days (2015-08-10 14:51:03) Entropy . . . . . : 7.9 SHA-256 . . . . . : E743B6B2EC8F49ACF8CCDE78445D0CC023147CE8ECBE0E4F0CEF281AF2FAAC62 > Bitdefender . . . : Trojan.Generic.12373416 Fuzzy . . . . . . : 114.0 Forensic Cluster -0.8s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\ -0.8s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\main\ -0.8s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\main\iw_23.iwd -0.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\main\iw_24.iwd -0.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\ -0.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\ -0.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\code_post_gfx.ff -0.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\code_post_gfx_mp.ff -0.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP 
^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\code_pre_gfx.ff -0.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\code_pre_gfx_mp.ff -0.3s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\localized_code_post_gfx_mp.ff -0.2s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\localized_code_pre_gfx_mp.ff -0.2s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\localized_ui_mp.ff -0.2s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch.ff -0.2s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_hamburg.ff -0.2s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_hijack.ff -0.2s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_innocent.ff -0.2s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_london.ff -0.2s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_aground_ss.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_burn_ss.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full 
multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_cement.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_courtyard_ss.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_crosswalk_ss.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_dome.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_exchange.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_hillside_ss.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_lambeth.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_morningwood.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_paris.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_park.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_qadeem.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_radar.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_restrepo_ss.ff -0.1s 
C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_six_ss.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_underground.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_mp_village.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_paris_ac130.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_prague_escape.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_escape_hamburg.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_ied_berlin.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_littlebird_payback.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_survival_mp_bootleg.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_survival_mp_cement.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_survival_mp_dome.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_survival_mp_morningwood.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 
3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_survival_mp_park.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_survival_mp_village.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_so_zodiac2_ny_harbor.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_specialops.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_sp_berlin.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_sp_intro.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_sp_ny_harbor.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_sp_ny_manhattan.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_sp_warlord.ff -0.1s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\patch_survival.ff -0.0s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\ui.ff -0.0s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\zone\english\ui_mp.ff -0.0s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\client.wyc -0.0s C:\Users\xxx\Downloads\Call of Duty 
Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\steam_api.dll 0.0s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\TeknoMW3.dll 0.0s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\TeknoMW3.exe 0.8s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\TeknoMW3_Update.exe 18.8s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\TeknoMW3_Update.exe 21.5s C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\main\iw_24.iwd C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\client_2.7.3.7\TeknoMW3.dll Size . . . . . . . : 1.158.144 bytes Age . . . . . . . : 41.6 days (2015-07-21 10:08:53) Entropy . . . . . : 7.9 SHA-256 . . . . . : E743B6B2EC8F49ACF8CCDE78445D0CC023147CE8ECBE0E4F0CEF281AF2FAAC62 > Bitdefender . . . : Trojan.Generic.12373416 Fuzzy . . . . . . : 114.0 Suspicious files ____________________________________________________________ C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\healthreport.sqlite-shm Size . . . . . . . : 32.768 bytes Age . . . . . . . : 0.0 days (2015-08-31 22:53:56) Entropy . . . . . : 5.6 SHA-256 . . . . . : 321E810FB5ACDC59E5A2F24B380C82E187ED15F5F1FB3762AE2B99B15A1DDC55 Product . . . . . : Microsoft® Windows® Operating System Publisher . . . . : Microsoft Corporation Description . . . : Remote Desktop Generic USB Driver Version . . . . . : 6.1.7601.17514 Copyright . . . . : © Microsoft Corporation. All rights reserved. LanguageID . . . . : 1033 Fuzzy . . . . . . : 48.0 The file is hidden from Windows API. This is typical for malware. 
The file is completely hidden from view and most antivirus products. It may belong to a rootkit. The file name extension of this program is not common. Time indicates that the file appeared recently on this computer. The file is in use by one or more active processes. The file is a device driver. Device drivers run as trusted (highly privileged) code. Forensic Cluster -16.6s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\revocations.txt -15.9s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\places.sqlite-wal -15.9s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\places.sqlite-shm -15.5s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\webapps\webapps.json -15.4s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\sessionCheckpoints.json -15.1s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cookies.sqlite-wal -15.1s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cookies.sqlite-shm -11.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\08390A20B59A7060A1C2F75B0F327F62A023CEE6 -11.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\39FF5907CAB2DAA38CA0327D3206B962B3B3E745 -10.0s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\36569E711477EE052773D7D72F738A4719B48377 -9.9s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\webappsstore.sqlite-wal -9.9s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\webappsstore.sqlite-shm -9.4s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\directoryLinks.json -6.8s 
C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\sessionstore-backups\recovery.bak -6.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\EB748F82B405287A0C467E1289B4A25ED0A363A1 -5.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\3ADCE44D1AEDA7677FC3F83EC20BBF2B1ADCB7B7 -5.0s C:\Users\xxx\AppData\Local\Temp\etilqs_bRrFuFtgj5ocWxi -5.0s C:\Users\xxx\AppData\Local\Temp\etilqs_FLv6uQezXbd9Mzs -4.6s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\4F53355D5A7A33C43A579E6A37E7ADC48F13CEC9 -4.2s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\E0CDEFC7594B66588A783144A2DFCFBDDC604C36 -3.4s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\D103B4C13B80196FD20D11F5EF2A76B61CC8D7F8 -0.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\1686520AE5A04A249C5F4B73063B1ED2861894E5 -0.0s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\B8A5D55A6A1E5E8FDAC2D0C6356CBCF99157B9D4 -0.0s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\healthreport.sqlite-wal 0.0s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\healthreport.sqlite-shm 0.3s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\C760A8FDDB87F07F0B76CC26655736C1BFB32978 0.6s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\8608C899AE5A354371E1055D50A6DC9325A4FC17 1.2s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\A128FF81D21259C26E770DBEDD7168C1CFDB25E1 1.6s 
C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\679DBEBB015A009317946FB791A8797ACEF0BDBD 2.0s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\694C24F8BAB03DE803E25A18F3EE2A2594997E68 4.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\56CBC047DCBB5AB07CFCBA84ABF338CB2F1FC6DC 5.0s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\3AA08DA7102A7B37A81ED99732EF2F240A626469 5.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\DDA136C8BDCC5D6A89E403D0F0861969783DB5A4 6.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\31F63A3D6DC081D114C22FEB4D917AAE29152C43 6.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\E4C7FF3F2A85A6A0BB8F74ACA7DA48A57376E338 7.2s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\CC3FA6DA28A4CBC6E00744F0AECB2800A7E4E632 9.1s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\9BA79DEE79C3F2261B9E4042657756B35FB38B27 9.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\DFFDC978BEE11579705ED27DD479C3E471F22E59 10.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\AE6CEF5AC399403C340F019E30042F3B09528E2C 13.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\352ADD13304A8EA6BCEACDE948E85EE15A5536DF 17.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\F4EF60D2DD717CC8C7167E9AFEDF685A19F657B4 18.1s 
C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\05A38ABF159077A9B86B8CD447AE9DFA713822AF 18.3s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\630967E047618112554D86B317740983B7EA941B 18.3s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\D3233DC1A750F0BCBD0E30B3EF74CF09FBAFCCC0 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\01CE926D1AF998DFB14DC38ECB660437C799E1D9 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\A77CA4B03778D91B9A1E8C3F819265AE851E805B 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\72F27A73F60E232FE099C70D7E3460D01B68D059 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\27EBBD4959998E6DC866C944712C87638615D449 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\59C73A640FAEF18D5E915E71F540A3DA6CE66941 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\0BE107C9106736426E1C782BD276CFFAE6E31254 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\A76272BAD977F006EEFDDC6A91550FA32792473B 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\8415235A64BC3B87475D6BB8845381A03461ADAE 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\0CA7A5A4F8226D22B92E85A5E18AB1742214BEC0 18.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\C6934EFB0F32BA60EB8B572D8D272D1650A39446 18.7s 
C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\F73521CA494258FCC3B2A0A09DFA5093B1AEE612 18.7s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\0957C95B0A19F22426127910130B6CD4B3FF987A 18.7s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\F1343EBFA146EF7382E54FEBCC57FD22B731673A 18.7s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\D0409148DFB2CB6A488A462DA4E89E1E22E5AAE2 18.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\7D9BA45C7451E5EC64D8D5906322EDCFF659E16A 18.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\9AE52A91C9DE51D341DD41E6390AC5E0EDED17A4 18.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\667793EFF3A274291541CD256CB070593EB79B19 18.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\F56260859FFF9F054B435363CE122CBA06DCFC9F 18.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\27A453963E993390A5CD9CCD1868B11D44A81EDA 18.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\DAC7F766D262263CE7BCA551CA0A3C1975D87A10 18.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\4AE6E3AA65D9D60916361725268EAEC2CA34B6AF 18.8s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\31196827406DA57C90881A88195B8849C8BF0BEA 18.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\6818565905DCF3E6663570F8DF800AD4F6527DE7 19.2s 
C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\75B4A8CBFA98A3884D8115A47DB099989AA14FB5 22.3s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\D91B00DDD7EC21BDD5D0ABD4FEF1F2E7690F73F1 41.0s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\crashes\store.json.mozlz4 43.4s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\adblockplus\patterns.ini 44.1s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\84B06F9721F0BBD5FFB2BDED44BA98CE8FF03F66 44.1s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\1B64EB7463DB9D7DC9745EA37AA263B739E35C14 48.0s C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\adblockplus\elemhide.css 48.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\0783065335759578BEAD953BDB648B309F5A0A12 48.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\CEA2DD6F31D9D48A6BAE06940A28D7D9ABE10DDC 48.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\43D0A329B2F370975E0562603A8E0D63151C453B 48.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\3583C39E2DC1D70D1A9FA4F66F92D0985CBB8DE8 61.4s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\C8280EA2FFA428364EE23F31758CF31810005E1E 61.6s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\A454585B024CBD141D85594968B33288DAADD713 61.7s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\C30EFFDBB49AE0B20BD4ED3903E9486A78B03284 61.7s 
C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\EB9F7E6523DF30ED3C4F21C342211C4DAA0599E6 61.7s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\31C13251D2BDF7641D6134057AB64B2D2D1BCD1F 61.7s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\794C8766DA5A87E4DFA72D6684F07ADF1E5589A9 61.7s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\D9694BA649B822C154EF7CDC694DBA3BE42FABAB 61.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\F05C999A73F203853BEC696830B6A73F615641FE 61.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\ECE118C79EF305336862F896E8E43307D79C10F9 61.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\B1570C6EBCA59F8100614FC8C30A8C9E6FB41AEA 61.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\E0C2FA7DC37DA3F98E7448323522FFCC81AD461A 61.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\0773B826DD1C2064375C255B7AF9035367CDBA8A 61.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\E62CC7CB72EB558F6DA3C625AECA1A6F2450655A 61.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\290CAEC5E0A8A078A4738F1D0367B947525100BF 61.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\1994A21070F0BE056ED2AF54D8C9CD946B029452 61.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\EBF32C8EE33B785EBB787522EC7460D6EA01A964 61.9s 
C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\711A8797FEF201C319196FF97A58A08D93557998 62.0s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\97F9495FAE777BDDA5EEAF8CB6FA2BA5FBCE3CEA 62.0s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\025E754E03664FA82C72BD5C010D4149A7C14B63 69.9s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\A2D141634F2EF4238440EECD0D155B4ECDED7D98 70.1s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\D8B7F5F0A7403645D443D2E804EEC41AE0726301 70.1s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\FB59CA83515EBB883B60A4A595D0C1F286FF5D6A 70.3s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\346A94DA1FC4D458E00BB346625FAB0C6D346F6B 70.3s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\430FABFBDDAF5B10292D83A6012C8ABEE4AA0247 70.5s C:\Users\xxx\AppData\Local\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\cache2\entries\42691B662FE5595D2EA40D22D213DD5B8F1D4C17 C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\places.sqlite-shm Size . . . . . . . : 32.768 bytes Age . . . . . . . : 0.0 days (2015-08-31 22:53:40) Entropy . . . . . : 5.4 SHA-256 . . . . . : FE1947F538EE41FFFAF2D805C99FBD7C78F0C48CC5DB70CEDFED108F7A7085DE Product . . . . . : Microsoft® Windows® Operating System Publisher . . . . : Microsoft Corporation Description . . . : VGA/Super VGA Video Driver Version . . . . . : 6.1.7600.16385 LanguageID . . . . : 0 Fuzzy . . . . . . : 48.0 The file is hidden from Windows API. This is typical for malware. The file is completely hidden from view and most antivirus products. It may belong to a rootkit. 
The file name extension of this program is not common.
Time indicates that the file appeared recently on this computer.
The file is in use by one or more active processes.
The file is a device driver. Device drivers run as trusted (highly privileged) code.

C:\Users\xxx\Desktop\FRST64.exe
Size . . . . . . . : 2.188.288 bytes
Age . . . . . . . : 0.9 days (2015-08-31 02:22:34)
Entropy . . . . . : 7.5
SHA-256 . . . . . : 06B2C8DEAA568DD38CB8451EA21AE7BAECFAFB8F7FA674D8C3EA035493FBA8FD
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Forensic Cluster
-398.9s C:\Users\xxx\Desktop\9ie9fcez.exe
-388.8s C:\Users\xxx\Desktop\FRST64.exe

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 31.08.2015
Suchlaufzeit: 23:56
Protokolldatei:
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.08.31.04
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Premium-Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: xxx

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 432242
Abgelaufene Zeit: 28 Min., 13 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Warnen

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

Code:
# AdwCleaner v3.001 - Report created 01/09/2015 at 00:32:18
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : xxx - XXX
# Running from : C:\Users\xxx\Desktop\Stuff\tools\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\jetpack

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16750

-\\ Mozilla Firefox v40.0.2 (x86 de)

[ File : C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\prefs.js ]

*************************

AdwCleaner[R0].txt - [4071 octets] - [21/06/2015 18:51:12]
AdwCleaner[R10].txt - [4613 octets] - [19/08/2015 12:13:22]
AdwCleaner[R11].txt - [2114 octets] - [19/08/2015 17:34:28]
AdwCleaner[R12].txt - [2343 octets] - [29/08/2015 03:40:58]
AdwCleaner[R13].txt - [2466 octets] - [30/08/2015 14:39:39]
AdwCleaner[R14].txt - [2588 octets] - [31/08/2015 02:52:00]
AdwCleaner[R15].txt - [1123 octets] - [01/09/2015 00:32:18]
AdwCleaner[R1].txt - [1835 octets] - [22/06/2015 01:17:53]
AdwCleaner[R2].txt - [1223 octets] - [22/06/2015 03:20:17]
AdwCleaner[R3].txt - [1115 octets] - [22/06/2015 03:42:19]
AdwCleaner[R4].txt - [1345 octets] - [22/06/2015 12:20:06]
AdwCleaner[R5].txt - [3009 octets] - [23/06/2015 23:18:29]
AdwCleaner[R6].txt - [1501 octets] - [23/06/2015 23:23:44]
AdwCleaner[R7].txt - [1703 octets] - [27/06/2015 01:12:09]
AdwCleaner[R8].txt - [1755 octets] - [27/06/2015 01:16:14]
AdwCleaner[R9].txt - [2329 octets] - [14/08/2015 20:52:41]
AdwCleaner[S0].txt - [3171 octets] - [21/06/2015 18:52:02]
AdwCleaner[S10].txt - [3160 octets] - [19/08/2015 17:21:36]
AdwCleaner[S11].txt - [2177 octets] - [19/08/2015 17:35:20]
AdwCleaner[S12].txt - [2410 octets] - [29/08/2015 03:41:49]
AdwCleaner[S13].txt - [2532 octets] - [30/08/2015 14:40:43]
AdwCleaner[S1].txt - [1741 octets] - [22/06/2015 01:18:40]
AdwCleaner[S2].txt - [1293 octets] - [22/06/2015 03:21:13]
AdwCleaner[S3].txt - [1177 octets] - [22/06/2015 03:42:56]
AdwCleaner[S4].txt - [1411 octets] - [22/06/2015 12:21:39]
AdwCleaner[S5].txt - [2858 octets] - [23/06/2015 23:19:37]
AdwCleaner[S6].txt - [1562 octets] - [23/06/2015 23:24:23]
AdwCleaner[S7].txt - [1729 octets] - [27/06/2015 01:13:07]
AdwCleaner[S8].txt - [1816 octets] - [27/06/2015 01:17:13]
AdwCleaner[S9].txt - [2371 octets] - [14/08/2015 20:57:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R15].txt - [2568 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Professional x64
Ran by xxx on 01.09.2015 at 1:00:05,80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update thirteen degrees
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util thirteen degrees

~~~ Files

Failed to delete: [File] C:\Windows\SysWOW64\number of results
Successfully deleted: [File] C:\ProgramData\1439035440.bdinstall.bin
Successfully deleted: [File] C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\hotspot shield.lnk

~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\predm
Successfully deleted: [Folder] C:\ProgramData\abc
Successfully deleted: [Folder] C:\Users\xxx\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\ProgramData\0f3b5471928b4fd3834dad205fba7597
Successfully deleted: [Folder] C:\ProgramData\28341ff220e0446c9fff27c4493d622e

~~~ FireFox

Successfully deleted the following from C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\ks5t7hh7.default-1435098893833\prefs.js

user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, wpc);
user_pref(browser.search.searchengine.uid, TOSHIBAXMQ01ABD100_523IS39ISXX523IS39IS);
user_pref(extensions.quick_start.enable_search1, false);
user_pref(extensions.quick_start.sd.closeWindowWithLastTab_prev_state, false);
Emptied folder: C:\Users\xxx\AppData\Roaming\mozilla\firefox\profiles\ks5t7hh7.default-1435098893833\minidumps [6 files]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.09.2015 at 1:01:20,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by daniel1989 (01.09.2015 at 00:03). Reason: forgot the JRT log...
01.09.2015, 05:28 | #2 |
/// the machine /// TB-Ausbilder
hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller.exe and save this file to the desktop.
01.09.2015, 10:19 | #3 |
Good morning! Thanks for the quick help! Malwarebytes Anti-Rootkit found nothing, but the TDSSKiller did; logs are of course included:

Malwarebytes Anti-Rootkit:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org

Database version:
main: v2015.09.01.01
rootkit: v2015.08.16.01

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 10.0.9200.16750
xxx :: XXX [administrator]

01.09.2015 09:58:58
mbar-log-2015-09-01 (09-58-58).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 433157
Time elapsed: 37 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

TDSS KILLER LOG PART 1/3
Code:
10:54:04.0447 0x061c TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
10:54:12.0793 0x061c ============================================================
10:54:12.0793 0x061c Current date / time: 2015/09/01 10:54:12.0793
10:54:12.0793 0x061c SystemInfo:
10:54:12.0793 0x061c
10:54:12.0793 0x061c OS Version: 6.1.7601 ServicePack: 1.0
10:54:12.0793 0x061c Product type: Workstation
10:54:12.0793 0x061c ComputerName: XXX
10:54:12.0793 0x061c UserName: xxx
10:54:12.0793 0x061c Windows directory: C:\Windows
10:54:12.0793 0x061c System windows directory: C:\Windows
10:54:12.0793 0x061c Running under WOW64
10:54:12.0793 0x061c Processor architecture: Intel x64
10:54:12.0793 0x061c Number of processors: 8
10:54:12.0793 0x061c Page size: 0x1000
10:54:12.0793 0x061c Boot type: Safe boot with network
10:54:12.0793 0x061c ============================================================
10:54:15.0086 0x061c KLMD registered as C:\Windows\system32\drivers\11225739.sys
10:54:15.0304 0x061c System UUID: {21917223-753D-8F82-72A3-A176D3B4669B}
10:54:15.0866 0x061c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:54:15.0897 0x061c ============================================================
10:54:15.0897 0x061c \Device\Harddisk0\DR0:
10:54:15.0897 0x061c MBR partitions:
10:54:15.0897 0x061c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:54:15.0897 0x061c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
10:54:15.0897 0x061c ============================================================
10:54:15.0944 0x061c C: <-> \Device\Harddisk0\DR0\Partition2
10:54:16.0069 0x061c Z: <-> \Device\Harddisk0\DR0\Partition1
10:54:16.0131 0x061c ============================================================
10:54:16.0131 0x061c Initialize success
10:54:16.0131 0x061c ============================================================
10:54:31.0622 0x0a60 ============================================================
10:54:31.0622 0x0a60 Scan started
10:54:31.0622 0x0a60 Mode: Manual;
10:54:31.0622 0x0a60 ============================================================
10:54:31.0622 0x0a60 KSN ping started
10:54:34.0914 0x0a60 KSN ping finished: true
10:54:36.0333 0x0a60 ================ Scan system memory ========================
10:54:36.0333 0x0a60 System memory - ok
10:54:36.0333 0x0a60 ================ Scan services =============================
41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 10:54:40.0186 0x0a60 crcdisk - ok 10:54:40.0233 0x0a60 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:54:40.0233 0x0a60 CryptSvc - ok 10:54:40.0296 0x0a60 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 10:54:40.0311 0x0a60 CSC - ok 10:54:40.0358 0x0a60 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 10:54:40.0374 0x0a60 CscService - ok 10:54:40.0420 0x0a60 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:54:40.0436 0x0a60 DcomLaunch - ok 10:54:40.0467 0x0a60 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:54:40.0467 0x0a60 defragsvc - ok 10:54:40.0530 0x0a60 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:54:40.0545 0x0a60 DfsC - ok 10:54:40.0576 0x0a60 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:54:40.0576 0x0a60 Dhcp - ok 10:54:40.0623 0x0a60 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 10:54:40.0623 0x0a60 discache - ok 10:54:40.0670 0x0a60 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 10:54:40.0670 0x0a60 Disk - ok 10:54:40.0686 0x0a60 [ 
5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 10:54:40.0686 0x0a60 dmvsc - ok 10:54:40.0717 0x0a60 [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:54:40.0717 0x0a60 Dnscache - ok 10:54:40.0732 0x0a60 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:54:40.0748 0x0a60 dot3svc - ok 10:54:40.0779 0x0a60 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:54:40.0779 0x0a60 DPS - ok 10:54:40.0826 0x0a60 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:54:40.0826 0x0a60 drmkaud - ok 10:54:40.0888 0x0a60 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:54:40.0935 0x0a60 DXGKrnl - ok 10:54:40.0966 0x0a60 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:54:40.0966 0x0a60 EapHost - ok 10:54:41.0091 0x0a60 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 10:54:41.0185 0x0a60 ebdrv - ok 10:54:41.0232 0x0a60 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 10:54:41.0232 0x0a60 EFS - ok 10:54:41.0310 0x0a60 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:54:41.0325 0x0a60 ehRecvr - ok 10:54:41.0341 0x0a60 [ 
4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 10:54:41.0341 0x0a60 ehSched - ok 10:54:41.0388 0x0a60 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 10:54:41.0388 0x0a60 ElbyCDIO - ok 10:54:41.0434 0x0a60 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 10:54:41.0450 0x0a60 elxstor - ok 10:54:41.0466 0x0a60 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:54:41.0466 0x0a60 ErrDev - ok 10:54:41.0559 0x0a60 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:54:41.0575 0x0a60 EventSystem - ok 10:54:41.0590 0x0a60 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:54:41.0590 0x0a60 exfat - ok 10:54:41.0637 0x0a60 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:54:41.0637 0x0a60 fastfat - ok 10:54:41.0700 0x0a60 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:54:41.0715 0x0a60 Fax - ok 10:54:41.0731 0x0a60 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 10:54:41.0731 0x0a60 fdc - ok 10:54:41.0746 0x0a60 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:54:41.0746 0x0a60 fdPHost - ok 10:54:41.0762 0x0a60 
[ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:54:41.0762 0x0a60 FDResPub - ok 10:54:41.0793 0x0a60 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:54:41.0793 0x0a60 FileInfo - ok 10:54:41.0809 0x0a60 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:54:41.0809 0x0a60 Filetrace - ok 10:54:41.0824 0x0a60 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 10:54:41.0824 0x0a60 flpydisk - ok 10:54:41.0856 0x0a60 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:54:41.0871 0x0a60 FltMgr - ok 10:54:41.0934 0x0a60 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 10:54:41.0965 0x0a60 FontCache - ok 10:54:42.0012 0x0a60 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:54:42.0027 0x0a60 FontCache3.0.0.0 - ok 10:54:42.0058 0x0a60 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:54:42.0058 0x0a60 FsDepends - ok 10:54:42.0121 0x0a60 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:54:42.0121 0x0a60 Fs_Rec - ok 10:54:42.0261 0x0a60 [ 014195B03B378CFEAA029958CBC53695, 
0F069F37CF83234929D618A78A58F369D0D033A4ABBC4AD02D37825E9857B731 ] fussvc C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe 10:54:42.0277 0x0a60 fussvc - ok 10:54:42.0308 0x0a60 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:54:42.0308 0x0a60 fvevol - ok 10:54:42.0339 0x0a60 [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys 10:54:42.0339 0x0a60 FwLnk - ok 10:54:42.0355 0x0a60 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:54:42.0355 0x0a60 gagp30kx - ok 10:54:42.0402 0x0a60 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 10:54:42.0417 0x0a60 gpsvc - ok 10:54:42.0433 0x0a60 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:54:42.0433 0x0a60 hcw85cir - ok 10:54:42.0464 0x0a60 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:54:42.0480 0x0a60 HdAudAddService - ok 10:54:42.0495 0x0a60 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 10:54:42.0511 0x0a60 HDAudBus - ok 10:54:42.0526 0x0a60 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 10:54:42.0526 0x0a60 HidBatt - ok 10:54:42.0526 0x0a60 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 
10:54:42.0542 0x0a60 HidBth - ok 10:54:42.0542 0x0a60 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 10:54:42.0542 0x0a60 HidIr - ok 10:54:42.0573 0x0a60 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 10:54:42.0573 0x0a60 hidserv - ok 10:54:42.0589 0x0a60 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:54:42.0589 0x0a60 HidUsb - ok 10:54:42.0698 0x0a60 [ F35FCF9824E02F82B21D4DAD2C8311C1, C16B8CB58FB52A9F6CFDB1F488A1644620C4088F9D16AA02968F128010767D34 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe 10:54:42.0698 0x0a60 HitmanProScheduler - ok 10:54:42.0729 0x0a60 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:54:42.0729 0x0a60 hkmsvc - ok 10:54:42.0760 0x0a60 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:54:42.0760 0x0a60 HomeGroupListener - ok 10:54:42.0792 0x0a60 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:54:42.0792 0x0a60 HomeGroupProvider - ok 10:54:42.0823 0x0a60 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:54:42.0823 0x0a60 HpSAMD - ok 10:54:42.0870 0x0a60 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:54:42.0901 0x0a60 HTTP - ok 10:54:42.0932 0x0a60 [ A5462BD6884960C9DC85ED49D34FF392, 
53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:54:42.0932 0x0a60 hwpolicy - ok 10:54:43.0010 0x0a60 [ 661FB04A7F7A3E2F1AAD07710B0692F7, A58B6A8FE9BF470426E92042A27BEFA26CC8B881967030B58D3BFA155CDF9AA4 ] i2p C:\Program Files (x86)\i2p\I2Psvc.exe 10:54:43.0026 0x0a60 i2p - ok 10:54:43.0057 0x0a60 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 10:54:43.0057 0x0a60 i8042prt - ok 10:54:43.0088 0x0a60 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:54:43.0104 0x0a60 iaStorV - ok 10:54:43.0182 0x0a60 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 10:54:43.0197 0x0a60 IDriverT - ok 10:54:43.0244 0x0a60 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:54:43.0275 0x0a60 idsvc - ok 10:54:43.0275 0x0a60 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 10:54:43.0275 0x0a60 iirsp - ok 10:54:43.0322 0x0a60 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:54:43.0353 0x0a60 IKEEXT - ok 10:54:43.0369 0x0a60 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:54:43.0369 0x0a60 intelide - ok 10:54:43.0384 0x0a60 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm 
C:\Windows\system32\DRIVERS\intelppm.sys 10:54:43.0384 0x0a60 intelppm - ok 10:54:43.0416 0x0a60 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:54:43.0416 0x0a60 IPBusEnum - ok 10:54:43.0431 0x0a60 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:54:43.0447 0x0a60 IpFilterDriver - ok 10:54:43.0478 0x0a60 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:54:43.0509 0x0a60 iphlpsvc - ok 10:54:43.0525 0x0a60 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:54:43.0525 0x0a60 IPMIDRV - ok 10:54:43.0540 0x0a60 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:54:43.0540 0x0a60 IPNAT - ok 10:54:43.0556 0x0a60 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:54:43.0556 0x0a60 IRENUM - ok 10:54:43.0556 0x0a60 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:54:43.0556 0x0a60 isapnp - ok 10:54:43.0587 0x0a60 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:54:43.0603 0x0a60 iScsiPrt - ok 10:54:43.0634 0x0a60 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 10:54:43.0634 0x0a60 kbdclass - ok 10:54:43.0650 0x0a60 [ 0705EFF5B42A9DB58548EEC3B26BB484, 
86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:54:43.0665 0x0a60 kbdhid - ok 10:54:43.0665 0x0a60 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 10:54:43.0665 0x0a60 KeyIso - ok 10:54:43.0712 0x0a60 [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 10:54:43.0728 0x0a60 kl1 - ok 10:54:43.0806 0x0a60 [ 2A88EFE87B5F23BA47FF7AF2DEAEB98F, 8D702249A462F8A233B594DF1B7C843A2C90F8A0D4FA7358B096020FF2C3E115 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 10:54:43.0806 0x0a60 klflt - ok 10:54:43.0852 0x0a60 [ 7ED6B6805B3E1BC9DC2418F1C5C920B4, 7FF90C32C95E2141A3D3B378DDE8035C8C6EB811C087A9AF7D20C735CB74142A ] klhk C:\Windows\system32\DRIVERS\klhk.sys 10:54:43.0852 0x0a60 klhk - ok 10:54:43.0930 0x0a60 [ CD81447AB991F3E7F1FCF59CEA07D1E0, FB6EDDCA703952FAD7FEE24A75DB5C957C45C83B17D4871D1009CA24450CB040 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 10:54:43.0962 0x0a60 KLIF - ok 10:54:44.0024 0x0a60 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 10:54:44.0024 0x0a60 KLIM6 - ok 10:54:44.0040 0x0a60 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 10:54:44.0040 0x0a60 klkbdflt - ok 10:54:44.0040 0x0a60 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 10:54:44.0040 0x0a60 klmouflt - ok 10:54:44.0055 0x0a60 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 10:54:44.0055 0x0a60 klpd - ok 10:54:44.0071 0x0a60 [ 5BB9E329FE48904108BBBF9C73073920, 
402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 10:54:44.0071 0x0a60 kltdi - ok 10:54:44.0086 0x0a60 [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 10:54:44.0086 0x0a60 kneps - ok 10:54:44.0118 0x0a60 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:54:44.0118 0x0a60 KSecDD - ok 10:54:44.0149 0x0a60 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:54:44.0149 0x0a60 KSecPkg - ok 10:54:44.0164 0x0a60 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:54:44.0164 0x0a60 ksthunk - ok 10:54:44.0196 0x0a60 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 10:54:44.0211 0x0a60 KtmRm - ok 10:54:44.0242 0x0a60 [ 3CE6A9BEF066BF9488E6BC4D6C62F77E, CDE0A0DCD9A5A2E49DE55E720B5A6FFF502EE139C0EC8793638560E75BF2118C ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 10:54:44.0242 0x0a60 L1C - ok 10:54:44.0274 0x0a60 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:54:44.0274 0x0a60 LanmanServer - ok 10:54:44.0305 0x0a60 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:54:44.0305 0x0a60 LanmanWorkstation - ok 10:54:44.0320 0x0a60 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:54:44.0320 0x0a60 lltdio - ok 10:54:44.0352 0x0a60 
[ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:54:44.0352 0x0a60 lltdsvc - ok 10:54:44.0367 0x0a60 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:54:44.0367 0x0a60 lmhosts - ok 10:54:44.0383 0x0a60 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 10:54:44.0383 0x0a60 LSI_FC - ok 10:54:44.0398 0x0a60 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 10:54:44.0398 0x0a60 LSI_SAS - ok 10:54:44.0414 0x0a60 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 10:54:44.0430 0x0a60 LSI_SAS2 - ok 10:54:44.0461 0x0a60 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 10:54:44.0461 0x0a60 LSI_SCSI - ok 10:54:44.0476 0x0a60 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 10:54:44.0492 0x0a60 luafv - ok 10:54:44.0508 0x0a60 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 10:54:44.0508 0x0a60 MBAMProtector - ok 10:54:44.0617 0x0a60 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 10:54:44.0664 0x0a60 MBAMScheduler - ok 10:54:44.0726 0x0a60 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService 
C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 10:54:44.0757 0x0a60 MBAMService - ok 10:54:44.0788 0x0a60 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 10:54:44.0788 0x0a60 MBAMWebAccessControl - ok 10:54:44.0820 0x0a60 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:54:44.0820 0x0a60 Mcx2Svc - ok 10:54:44.0835 0x0a60 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 10:54:44.0835 0x0a60 megasas - ok 10:54:44.0851 0x0a60 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 10:54:44.0851 0x0a60 MegaSR - ok 10:54:44.0882 0x0a60 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 10:54:44.0882 0x0a60 MMCSS - ok 10:54:44.0898 0x0a60 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 10:54:44.0898 0x0a60 Modem - ok 10:54:44.0929 0x0a60 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:54:44.0929 0x0a60 monitor - ok 10:54:44.0960 0x0a60 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:54:44.0960 0x0a60 mouclass - ok 10:54:44.0976 0x0a60 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:54:44.0976 0x0a60 mouhid - ok 10:54:44.0991 0x0a60 [ 
32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:54:44.0991 0x0a60 mountmgr - ok 10:54:45.0038 0x0a60 [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:54:45.0038 0x0a60 MozillaMaintenance - ok 10:54:45.0054 0x0a60 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 10:54:45.0054 0x0a60 mpio - ok 10:54:45.0100 0x0a60 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:54:45.0100 0x0a60 mpsdrv - ok 10:54:45.0147 0x0a60 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:54:45.0178 0x0a60 MpsSvc - ok 10:54:45.0194 0x0a60 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:54:45.0210 0x0a60 MRxDAV - ok 10:54:45.0256 0x0a60 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:54:45.0256 0x0a60 mrxsmb - ok 10:54:45.0288 0x0a60 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:54:45.0303 0x0a60 mrxsmb10 - ok 10:54:45.0319 0x0a60 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:54:45.0319 0x0a60 mrxsmb20 - ok 10:54:45.0350 0x0a60 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci 
ok 10:54:53.0400 0x0a60 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:54:53.0400 0x0a60 volmgr - ok 10:54:53.0415 0x0a60 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:54:53.0431 0x0a60 volmgrx - ok 10:54:53.0446 0x0a60 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:54:53.0462 0x0a60 volsnap - ok 10:54:53.0524 0x0a60 [ 9B4F6978628D07FAEBF77FF6F8F2960D, FC36FE6BE77445D55E4E92CE3EAF172E253EC8CF8D2EBCA204969CF21FFA5600 ] VsEtwService120 C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe 10:54:53.0524 0x0a60 VsEtwService120 - ok 10:54:53.0556 0x0a60 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:54:53.0556 0x0a60 vsmraid - ok 10:54:53.0618 0x0a60 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 10:54:53.0665 0x0a60 VSS - ok 10:54:53.0696 0x0a60 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 10:54:53.0696 0x0a60 vwifibus - ok 10:54:53.0712 0x0a60 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:54:53.0712 0x0a60 vwififlt - ok 10:54:53.0727 0x0a60 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 10:54:53.0743 0x0a60 W32Time - ok 10:54:53.0758 0x0a60 [ 4E9440F4F152A7B944CB1663D3935A3E, 
8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 10:54:53.0758 0x0a60 WacomPen - ok 10:54:53.0774 0x0a60 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:54:53.0790 0x0a60 WANARP - ok 10:54:53.0790 0x0a60 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:54:53.0790 0x0a60 Wanarpv6 - ok 10:54:53.0836 0x0a60 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 10:54:53.0883 0x0a60 wbengine - ok 10:54:53.0914 0x0a60 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:54:53.0930 0x0a60 WbioSrvc - ok 10:54:53.0930 0x0a60 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:54:53.0946 0x0a60 wcncsvc - ok 10:54:53.0992 0x0a60 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:54:53.0992 0x0a60 WcsPlugInService - ok 10:54:54.0039 0x0a60 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 10:54:54.0039 0x0a60 Wd - ok 10:54:54.0102 0x0a60 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:54:54.0133 0x0a60 Wdf01000 - ok 10:54:54.0148 0x0a60 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:54:54.0148 0x0a60 WdiServiceHost - ok 
10:54:54.0164 0x0a60 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:54:54.0164 0x0a60 WdiSystemHost - ok 10:54:54.0180 0x0a60 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll 10:54:54.0180 0x0a60 WebClient - ok 10:54:54.0195 0x0a60 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:54:54.0211 0x0a60 Wecsvc - ok 10:54:54.0211 0x0a60 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:54:54.0226 0x0a60 wercplsupport - ok 10:54:54.0242 0x0a60 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:54:54.0242 0x0a60 WerSvc - ok 10:54:54.0273 0x0a60 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:54:54.0273 0x0a60 WfpLwf - ok 10:54:54.0289 0x0a60 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:54:54.0289 0x0a60 WIMMount - ok 10:54:54.0336 0x0a60 WinDefend - ok 10:54:54.0351 0x0a60 WinHttpAutoProxySvc - ok 10:54:54.0414 0x0a60 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:54:54.0414 0x0a60 Winmgmt - ok 10:54:54.0492 0x0a60 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 10:54:54.0554 0x0a60 WinRM - ok 10:54:54.0616 0x0a60 [ FE88B288356E7B47B74B13372ADD906D, 
A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:54:54.0616 0x0a60 WinUsb - ok 10:54:54.0648 0x0a60 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:54:54.0694 0x0a60 Wlansvc - ok 10:54:54.0710 0x0a60 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:54:54.0710 0x0a60 WmiAcpi - ok 10:54:54.0757 0x0a60 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:54:54.0757 0x0a60 wmiApSrv - ok 10:54:54.0788 0x0a60 WMPNetworkSvc - ok 10:54:54.0804 0x0a60 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:54:54.0804 0x0a60 WPCSvc - ok 10:54:54.0835 0x0a60 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:54:54.0835 0x0a60 WPDBusEnum - ok 10:54:54.0850 0x0a60 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:54:54.0850 0x0a60 ws2ifsl - ok 10:54:54.0866 0x0a60 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:54:54.0866 0x0a60 wscsvc - ok 10:54:54.0882 0x0a60 WSearch - ok 10:54:54.0975 0x0a60 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 10:54:55.0053 0x0a60 wuauserv - ok 10:54:55.0069 0x0a60 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf 
C:\Windows\system32\drivers\WudfPf.sys 10:54:55.0069 0x0a60 WudfPf - ok 10:54:55.0100 0x0a60 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:54:55.0100 0x0a60 WUDFRd - ok 10:54:55.0131 0x0a60 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:54:55.0131 0x0a60 wudfsvc - ok 10:54:55.0147 0x0a60 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 10:54:55.0162 0x0a60 WwanSvc - ok 10:54:55.0162 0x0a60 ================ Scan global =============================== 10:54:55.0209 0x0a60 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 10:54:55.0256 0x0a60 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:54:55.0272 0x0a60 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:54:55.0303 0x0a60 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:54:55.0334 0x0a60 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 10:54:55.0334 0x0a60 [ Global ] - ok 10:54:55.0334 0x0a60 ================ Scan MBR ================================== 10:54:55.0350 0x0a60 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:54:55.0552 0x0a60 \Device\Harddisk0\DR0 - ok 10:54:55.0552 0x0a60 ================ Scan VBR ================================== 10:54:55.0552 0x0a60 [ 3843FF536F141C77423BBB9EB9D1F932 ] \Device\Harddisk0\DR0\Partition1 10:54:55.0599 0x0a60 
\Device\Harddisk0\DR0\Partition1 - ok 10:54:55.0599 0x0a60 [ 3622C9273DABFBC340D8A77BD0AB7222 ] \Device\Harddisk0\DR0\Partition2 10:54:55.0646 0x0a60 \Device\Harddisk0\DR0\Partition2 - ok 10:54:55.0646 0x0a60 ================ Scan generic autorun ====================== 10:54:55.0646 0x0a60 SynTPEnh - ok 10:54:55.0833 0x0a60 [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 10:54:55.0849 0x0a60 AdobeAAMUpdater-1.0 - ok 10:54:55.0927 0x0a60 InstallerLauncher - ok 10:54:56.0020 0x0a60 [ 1B6E310EA9D99D340D00D7954F42E1E4, 123B77ED9A42F84B6F621C5835E20E9458C6A4BEFFE30B1B000E17EE283B640A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 10:54:56.0301 0x0a60 StartCCC - ok 10:54:56.0364 0x0a60 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe 10:54:56.0379 0x0a60 QuickTime Task - ok 10:54:56.0473 0x0a60 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 10:54:56.0520 0x0a60 AdobeCS6ServiceManager - ok 10:54:56.0566 0x0a60 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 10:54:56.0566 0x0a60 VirtualCloneDrive - ok 10:54:56.0629 0x0a60 [ 1D8F25EB5405C8FFFA0DE6EE4E139841, E7D22C1F3694F5B993469308F8750DE575AB27A4388897803632AB91C0D3CEB9 ] C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe 10:54:56.0660 0x0a60 bdruninstaller - ok 10:54:56.0722 0x0a60 [ 4F9DD96AECDC12373D4203253D665C6D, 871FF2367ACD5F9A378FED53574BF28A8129224C4B7C4AF074809ED7CF870904 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 10:54:56.0722 0x0a60 
SunJavaUpdateSched - ok 10:54:56.0785 0x0a60 [ FE821F6FA60E9DF9FDEE69A23488BBAB, 98D9926152FDA45705F5E208D7236E467CAEEF83D756A14B4104EBF804644B29 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 10:54:56.0816 0x0a60 Adobe ARM - ok 10:54:56.0894 0x0a60 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:54:56.0910 0x0a60 Sidebar - ok 10:54:56.0941 0x0a60 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:54:56.0941 0x0a60 mctadmin - ok 10:54:56.0972 0x0a60 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:54:57.0003 0x0a60 Sidebar - ok 10:54:57.0003 0x0a60 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:54:57.0003 0x0a60 mctadmin - ok 10:54:57.0144 0x0a60 [ 8150D92888E57CFBC48119DD32ABE7AA, 1F3B344B3755892549E319906C721603388722D436648067322F8B5090A1AC28 ] C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe 10:54:57.0206 0x0a60 uTorrent - ok 10:54:57.0253 0x0a60 Skype - ok 10:54:57.0253 0x0a60 Waiting for KSN requests completion. In queue: 371 10:54:58.0267 0x0a60 Waiting for KSN requests completion. In queue: 371 10:54:59.0281 0x0a60 Waiting for KSN requests completion. In queue: 371 10:55:00.0295 0x0a60 Waiting for KSN requests completion. In queue: 371 10:55:01.0309 0x0a60 Waiting for KSN requests completion. In queue: 371 10:55:02.0323 0x0a60 Waiting for KSN requests completion. In queue: 371 10:55:03.0337 0x0a60 Waiting for KSN requests completion. In queue: 62 10:55:04.0351 0x0a60 Waiting for KSN requests completion. In queue: 62 10:55:05.0365 0x0a60 Waiting for KSN requests completion. In queue: 62 10:55:06.0379 0x0a60 Waiting for KSN requests completion. 
In queue: 62 10:55:07.0393 0x0a60 Waiting for KSN requests completion. In queue: 62 10:55:08.0781 0x0a60 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated ) 10:55:08.0781 0x0a60 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled ) |
01.09.2015, 10:20 | #4 |
| Windows 7: Programs won't open and/or take forever, error messages such as Microsoft Explorer not responding, black screen TDSS KILLER LOG 2/3 Code:
10:55:08.0781 0x0a60 ============================================================
10:55:08.0781 0x0a60 Scan finished
10:55:08.0781 0x0a60 ============================================================
10:55:08.0781 0x0b34 Detected object count: 0
10:55:08.0781 0x0b34 Actual detected object count: 0
10:56:51.0835 0x0850 ============================================================
10:56:51.0835 0x0850 Scan started
10:56:51.0835 0x0850 Mode: Manual;
10:56:51.0835 0x0850 ============================================================
10:56:51.0835 0x0850 KSN ping started
10:56:55.0595 0x0850 KSN ping finished: true
10:56:56.0390 0x0850 ================ Scan system memory ========================
10:56:56.0390 0x0850 System memory - ok
571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 10:56:59.0744 0x0850 Disk - ok 10:56:59.0760 0x0850 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 10:56:59.0775 0x0850 dmvsc - ok 10:56:59.0791 0x0850 [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:56:59.0807 0x0850 Dnscache - ok 10:56:59.0822 0x0850 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:56:59.0822 0x0850 dot3svc - ok 10:56:59.0838 0x0850 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:56:59.0838 0x0850 DPS - ok 10:56:59.0885 0x0850 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:56:59.0885 0x0850 drmkaud - ok 10:56:59.0931 0x0850 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:56:59.0947 0x0850 DXGKrnl - ok 10:56:59.0994 0x0850 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:56:59.0994 0x0850 EapHost - ok 10:57:00.0119 0x0850 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 10:57:00.0165 0x0850 ebdrv - ok 10:57:00.0212 0x0850 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe 10:57:00.0212 0x0850 EFS - ok 10:57:00.0290 0x0850 [ C4002B6B41975F057D98C439030CEA07, 
3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:57:00.0306 0x0850 ehRecvr - ok 10:57:00.0321 0x0850 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 10:57:00.0321 0x0850 ehSched - ok 10:57:00.0321 0x0850 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 10:57:00.0321 0x0850 ElbyCDIO - ok 10:57:00.0368 0x0850 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 10:57:00.0384 0x0850 elxstor - ok 10:57:00.0399 0x0850 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:57:00.0399 0x0850 ErrDev - ok 10:57:00.0462 0x0850 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:57:00.0462 0x0850 EventSystem - ok 10:57:00.0477 0x0850 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:57:00.0493 0x0850 exfat - ok 10:57:00.0524 0x0850 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:57:00.0524 0x0850 fastfat - ok 10:57:00.0571 0x0850 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:57:00.0587 0x0850 Fax - ok 10:57:00.0602 0x0850 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 10:57:00.0602 0x0850 fdc - ok 10:57:00.0618 0x0850 [ 0438CAB2E03F4FB61455A7956026FE86, 
6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:57:00.0618 0x0850 fdPHost - ok 10:57:00.0633 0x0850 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:57:00.0633 0x0850 FDResPub - ok 10:57:00.0665 0x0850 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:57:00.0665 0x0850 FileInfo - ok 10:57:00.0665 0x0850 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:57:00.0680 0x0850 Filetrace - ok 10:57:00.0680 0x0850 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 10:57:00.0680 0x0850 flpydisk - ok 10:57:00.0711 0x0850 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 10:57:00.0711 0x0850 FltMgr - ok 10:57:00.0774 0x0850 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 10:57:00.0789 0x0850 FontCache - ok 10:57:00.0852 0x0850 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:57:00.0852 0x0850 FontCache3.0.0.0 - ok 10:57:00.0883 0x0850 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:57:00.0883 0x0850 FsDepends - ok 10:57:00.0930 0x0850 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec 
C:\Windows\system32\drivers\Fs_Rec.sys 10:57:00.0930 0x0850 Fs_Rec - ok 10:57:01.0039 0x0850 [ 014195B03B378CFEAA029958CBC53695, 0F069F37CF83234929D618A78A58F369D0D033A4ABBC4AD02D37825E9857B731 ] fussvc C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe 10:57:01.0039 0x0850 fussvc - ok 10:57:01.0055 0x0850 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:57:01.0070 0x0850 fvevol - ok 10:57:01.0070 0x0850 [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys 10:57:01.0070 0x0850 FwLnk - ok 10:57:01.0101 0x0850 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:57:01.0117 0x0850 gagp30kx - ok 10:57:01.0148 0x0850 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 10:57:01.0164 0x0850 gpsvc - ok 10:57:01.0179 0x0850 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:57:01.0179 0x0850 hcw85cir - ok 10:57:01.0211 0x0850 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:57:01.0211 0x0850 HdAudAddService - ok 10:57:01.0226 0x0850 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 10:57:01.0242 0x0850 HDAudBus - ok 10:57:01.0257 0x0850 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 10:57:01.0257 0x0850 HidBatt - ok 10:57:01.0257 0x0850 [ 
7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 10:57:01.0257 0x0850 HidBth - ok 10:57:01.0289 0x0850 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 10:57:01.0289 0x0850 HidIr - ok 10:57:01.0320 0x0850 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 10:57:01.0320 0x0850 hidserv - ok 10:57:01.0320 0x0850 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:57:01.0320 0x0850 HidUsb - ok 10:57:01.0398 0x0850 [ F35FCF9824E02F82B21D4DAD2C8311C1, C16B8CB58FB52A9F6CFDB1F488A1644620C4088F9D16AA02968F128010767D34 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe 10:57:01.0398 0x0850 HitmanProScheduler - ok 10:57:01.0398 0x0850 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:57:01.0398 0x0850 hkmsvc - ok 10:57:01.0413 0x0850 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:57:01.0429 0x0850 HomeGroupListener - ok 10:57:01.0445 0x0850 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:57:01.0460 0x0850 HomeGroupProvider - ok 10:57:01.0491 0x0850 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:57:01.0491 0x0850 HpSAMD - ok 10:57:01.0523 0x0850 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP 
C:\Windows\system32\drivers\HTTP.sys 10:57:01.0523 0x0850 HTTP - ok 10:57:01.0538 0x0850 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:57:01.0538 0x0850 hwpolicy - ok 10:57:01.0616 0x0850 [ 661FB04A7F7A3E2F1AAD07710B0692F7, A58B6A8FE9BF470426E92042A27BEFA26CC8B881967030B58D3BFA155CDF9AA4 ] i2p C:\Program Files (x86)\i2p\I2Psvc.exe 10:57:01.0632 0x0850 i2p - ok 10:57:01.0647 0x0850 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 10:57:01.0647 0x0850 i8042prt - ok 10:57:01.0679 0x0850 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:57:01.0679 0x0850 iaStorV - ok 10:57:01.0757 0x0850 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 10:57:01.0772 0x0850 IDriverT - ok 10:57:01.0819 0x0850 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:57:01.0835 0x0850 idsvc - ok 10:57:01.0850 0x0850 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 10:57:01.0850 0x0850 iirsp - ok 10:57:01.0897 0x0850 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:57:01.0913 0x0850 IKEEXT - ok 10:57:01.0944 0x0850 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:57:01.0944 0x0850 intelide - ok 
10:57:01.0959 0x0850 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:57:01.0959 0x0850 intelppm - ok 10:57:01.0991 0x0850 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:57:01.0991 0x0850 IPBusEnum - ok 10:57:02.0006 0x0850 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:57:02.0006 0x0850 IpFilterDriver - ok 10:57:02.0037 0x0850 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:57:02.0053 0x0850 iphlpsvc - ok 10:57:02.0069 0x0850 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:57:02.0069 0x0850 IPMIDRV - ok 10:57:02.0084 0x0850 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:57:02.0084 0x0850 IPNAT - ok 10:57:02.0100 0x0850 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:57:02.0100 0x0850 IRENUM - ok 10:57:02.0115 0x0850 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:57:02.0115 0x0850 isapnp - ok 10:57:02.0147 0x0850 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:57:02.0147 0x0850 iScsiPrt - ok 10:57:02.0162 0x0850 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass 
C:\Windows\system32\DRIVERS\kbdclass.sys 10:57:02.0162 0x0850 kbdclass - ok 10:57:02.0178 0x0850 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:57:02.0178 0x0850 kbdhid - ok 10:57:02.0193 0x0850 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 10:57:02.0193 0x0850 KeyIso - ok 10:57:02.0240 0x0850 [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 10:57:02.0240 0x0850 kl1 - ok 10:57:02.0287 0x0850 [ 2A88EFE87B5F23BA47FF7AF2DEAEB98F, 8D702249A462F8A233B594DF1B7C843A2C90F8A0D4FA7358B096020FF2C3E115 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 10:57:02.0287 0x0850 klflt - ok 10:57:02.0318 0x0850 [ 7ED6B6805B3E1BC9DC2418F1C5C920B4, 7FF90C32C95E2141A3D3B378DDE8035C8C6EB811C087A9AF7D20C735CB74142A ] klhk C:\Windows\system32\DRIVERS\klhk.sys 10:57:02.0334 0x0850 klhk - ok 10:57:02.0396 0x0850 [ CD81447AB991F3E7F1FCF59CEA07D1E0, FB6EDDCA703952FAD7FEE24A75DB5C957C45C83B17D4871D1009CA24450CB040 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 10:57:02.0412 0x0850 KLIF - ok 10:57:02.0443 0x0850 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 10:57:02.0443 0x0850 KLIM6 - ok 10:57:02.0459 0x0850 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 10:57:02.0459 0x0850 klkbdflt - ok 10:57:02.0474 0x0850 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 10:57:02.0474 0x0850 klmouflt - ok 10:57:02.0474 0x0850 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 
272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 10:57:02.0474 0x0850 klpd - ok 10:57:02.0490 0x0850 [ 5BB9E329FE48904108BBBF9C73073920, 402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 10:57:02.0490 0x0850 kltdi - ok 10:57:02.0505 0x0850 [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 10:57:02.0505 0x0850 kneps - ok 10:57:02.0537 0x0850 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:57:02.0537 0x0850 KSecDD - ok 10:57:02.0552 0x0850 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 10:57:02.0568 0x0850 KSecPkg - ok 10:57:02.0583 0x0850 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:57:02.0583 0x0850 ksthunk - ok 10:57:02.0615 0x0850 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 10:57:02.0630 0x0850 KtmRm - ok 10:57:02.0677 0x0850 [ 3CE6A9BEF066BF9488E6BC4D6C62F77E, CDE0A0DCD9A5A2E49DE55E720B5A6FFF502EE139C0EC8793638560E75BF2118C ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 10:57:02.0677 0x0850 L1C - ok 10:57:02.0708 0x0850 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:57:02.0708 0x0850 LanmanServer - ok 10:57:02.0724 0x0850 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:57:02.0724 0x0850 LanmanWorkstation - ok 10:57:02.0755 0x0850 [ 
1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:57:02.0755 0x0850 lltdio - ok 10:57:02.0786 0x0850 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:57:02.0802 0x0850 lltdsvc - ok 10:57:02.0802 0x0850 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:57:02.0802 0x0850 lmhosts - ok 10:57:02.0833 0x0850 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 10:57:02.0833 0x0850 LSI_FC - ok 10:57:02.0849 0x0850 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 10:57:02.0849 0x0850 LSI_SAS - ok 10:57:02.0864 0x0850 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 10:57:02.0864 0x0850 LSI_SAS2 - ok 10:57:02.0911 0x0850 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 10:57:02.0911 0x0850 LSI_SCSI - ok 10:57:02.0942 0x0850 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 10:57:02.0942 0x0850 luafv - ok 10:57:02.0958 0x0850 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 10:57:02.0958 0x0850 MBAMProtector - ok 10:57:03.0067 0x0850 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes 
Anti-Malware \mbamscheduler.exe 10:57:03.0098 0x0850 MBAMScheduler - ok 10:57:03.0145 0x0850 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 10:57:03.0161 0x0850 MBAMService - ok 10:57:03.0176 0x0850 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 10:57:03.0176 0x0850 MBAMWebAccessControl - ok 10:57:03.0192 0x0850 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:57:03.0207 0x0850 Mcx2Svc - ok 10:57:03.0223 0x0850 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 10:57:03.0223 0x0850 megasas - ok 10:57:03.0239 0x0850 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 10:57:03.0239 0x0850 MegaSR - ok 10:57:03.0270 0x0850 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 10:57:03.0270 0x0850 MMCSS - ok 10:57:03.0285 0x0850 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 10:57:03.0285 0x0850 Modem - ok 10:57:03.0301 0x0850 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:57:03.0301 0x0850 monitor - ok 10:57:03.0317 0x0850 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:57:03.0317 0x0850 mouclass - ok 10:57:03.0332 0x0850 [ 
D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:57:03.0332 0x0850 mouhid - ok 10:57:03.0348 0x0850 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:57:03.0348 0x0850 mountmgr - ok 10:57:03.0410 0x0850 [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:57:03.0410 0x0850 MozillaMaintenance - ok 10:57:03.0426 0x0850 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 10:57:03.0426 0x0850 mpio - ok 10:57:03.0457 0x0850 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:57:03.0457 0x0850 mpsdrv - ok 10:57:03.0504 0x0850 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:57:03.0519 0x0850 MpsSvc - ok 10:57:03.0535 0x0850 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:57:03.0535 0x0850 MRxDAV - ok 10:57:03.0566 0x0850 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:57:03.0582 0x0850 mrxsmb - ok 10:57:03.0597 0x0850 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:57:03.0613 0x0850 mrxsmb10 - ok 10:57:03.0613 0x0850 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 
C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:57:03.0613 0x0850 mrxsmb20 - ok 10:57:03.0644 0x0850 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 10:57:03.0644 0x0850 msahci - ok 10:57:03.0660 0x0850 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:57:03.0660 0x0850 msdsm - ok 10:57:03.0675 0x0850 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 10:57:03.0675 0x0850 MSDTC - ok 10:57:03.0691 0x0850 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 10:57:03.0691 0x0850 Msfs - ok 10:57:03.0691 0x0850 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 10:57:03.0691 0x0850 mshidkmdf - ok 10:57:03.0707 0x0850 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:57:03.0707 0x0850 msisadrv - ok 10:57:03.0738 0x0850 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:57:03.0738 0x0850 MSiSCSI - ok 10:57:03.0738 0x0850 msiserver - ok 10:57:03.0753 0x0850 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:57:03.0753 0x0850 MSKSSRV - ok 10:57:03.0769 0x0850 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:57:03.0769 0x0850 MSPCLOCK - ok 10:57:03.0785 0x0850 [ 4ED981241DB27C3383D72092B618A1D0, 
30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:57:10.0384 0x0850 vwififlt - ok 10:57:10.0399 0x0850 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 10:57:10.0415 0x0850 W32Time - ok 10:57:10.0446 0x0850 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 10:57:10.0446 0x0850 WacomPen - ok 10:57:10.0462 0x0850 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:57:10.0462 0x0850 WANARP - ok 10:57:10.0462 0x0850 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:57:10.0462 0x0850 Wanarpv6 - ok 10:57:10.0524 0x0850 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 10:57:10.0555 0x0850 wbengine - ok 10:57:10.0586 0x0850 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:57:10.0586 0x0850 WbioSrvc - ok 10:57:10.0602 0x0850 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:57:10.0602 0x0850 wcncsvc - ok 10:57:10.0649 0x0850 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:57:10.0649 0x0850 WcsPlugInService - ok 10:57:10.0680 0x0850 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 10:57:10.0680 0x0850 Wd - ok 10:57:10.0742 
0x0850 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:57:10.0758 0x0850 Wdf01000 - ok 10:57:10.0789 0x0850 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:57:10.0789 0x0850 WdiServiceHost - ok 10:57:10.0805 0x0850 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:57:10.0805 0x0850 WdiSystemHost - ok 10:57:10.0820 0x0850 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll 10:57:10.0820 0x0850 WebClient - ok 10:57:10.0836 0x0850 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:57:10.0852 0x0850 Wecsvc - ok 10:57:10.0867 0x0850 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:57:10.0867 0x0850 wercplsupport - ok 10:57:10.0883 0x0850 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:57:10.0883 0x0850 WerSvc - ok 10:57:10.0898 0x0850 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:57:10.0898 0x0850 WfpLwf - ok 10:57:10.0914 0x0850 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:57:10.0914 0x0850 WIMMount - ok 10:57:10.0930 0x0850 WinDefend - ok 10:57:10.0945 0x0850 WinHttpAutoProxySvc - ok 10:57:11.0008 0x0850 [ 19B07E7E8915D701225DA41CB3877306, 
D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:57:11.0008 0x0850 Winmgmt - ok 10:57:11.0086 0x0850 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 10:57:11.0117 0x0850 WinRM - ok 10:57:11.0164 0x0850 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:57:11.0164 0x0850 WinUsb - ok 10:57:11.0210 0x0850 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:57:11.0226 0x0850 Wlansvc - ok 10:57:11.0242 0x0850 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:57:11.0242 0x0850 WmiAcpi - ok 10:57:11.0304 0x0850 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:57:11.0304 0x0850 wmiApSrv - ok 10:57:11.0335 0x0850 WMPNetworkSvc - ok 10:57:11.0351 0x0850 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:57:11.0351 0x0850 WPCSvc - ok 10:57:11.0366 0x0850 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:57:11.0366 0x0850 WPDBusEnum - ok 10:57:11.0398 0x0850 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:57:11.0398 0x0850 ws2ifsl - ok 10:57:11.0413 0x0850 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:57:11.0429 0x0850 wscsvc - ok 
10:57:11.0429 0x0850 WSearch - ok 10:57:11.0538 0x0850 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 10:57:11.0569 0x0850 wuauserv - ok 10:57:11.0585 0x0850 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:57:11.0600 0x0850 WudfPf - ok 10:57:11.0600 0x0850 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:57:11.0616 0x0850 WUDFRd - ok 10:57:11.0632 0x0850 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:57:11.0632 0x0850 wudfsvc - ok 10:57:11.0663 0x0850 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 10:57:11.0663 0x0850 WwanSvc - ok 10:57:11.0678 0x0850 ================ Scan global =============================== 10:57:11.0710 0x0850 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 10:57:11.0756 0x0850 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:57:11.0772 0x0850 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:57:11.0788 0x0850 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:57:11.0819 0x0850 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 10:57:11.0819 0x0850 [ Global ] - ok 10:57:11.0819 0x0850 ================ Scan MBR 
================================== 10:57:11.0834 0x0850 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:57:12.0022 0x0850 \Device\Harddisk0\DR0 - ok 10:57:12.0022 0x0850 ================ Scan VBR ================================== 10:57:12.0022 0x0850 [ 3843FF536F141C77423BBB9EB9D1F932 ] \Device\Harddisk0\DR0\Partition1 10:57:12.0068 0x0850 \Device\Harddisk0\DR0\Partition1 - ok 10:57:12.0068 0x0850 [ 3622C9273DABFBC340D8A77BD0AB7222 ] \Device\Harddisk0\DR0\Partition2 10:57:12.0115 0x0850 \Device\Harddisk0\DR0\Partition2 - ok 10:57:12.0115 0x0850 ================ Scan generic autorun ====================== 10:57:12.0115 0x0850 SynTPEnh - ok 10:57:12.0302 0x0850 [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 10:57:12.0318 0x0850 AdobeAAMUpdater-1.0 - ok 10:57:12.0396 0x0850 InstallerLauncher - ok 10:57:12.0490 0x0850 [ 1B6E310EA9D99D340D00D7954F42E1E4, 123B77ED9A42F84B6F621C5835E20E9458C6A4BEFFE30B1B000E17EE283B640A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 10:57:12.0490 0x0850 StartCCC - ok 10:57:12.0536 0x0850 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe 10:57:12.0552 0x0850 QuickTime Task - ok 10:57:12.0661 0x0850 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 10:57:12.0677 0x0850 AdobeCS6ServiceManager - ok 10:57:12.0724 0x0850 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 10:57:12.0724 0x0850 VirtualCloneDrive - ok 10:57:12.0786 0x0850 [ 1D8F25EB5405C8FFFA0DE6EE4E139841, 
E7D22C1F3694F5B993469308F8750DE575AB27A4388897803632AB91C0D3CEB9 ] C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe 10:57:12.0786 0x0850 bdruninstaller - ok 10:57:12.0848 0x0850 [ 4F9DD96AECDC12373D4203253D665C6D, 871FF2367ACD5F9A378FED53574BF28A8129224C4B7C4AF074809ED7CF870904 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 10:57:12.0848 0x0850 SunJavaUpdateSched - ok 10:57:12.0911 0x0850 [ FE821F6FA60E9DF9FDEE69A23488BBAB, 98D9926152FDA45705F5E208D7236E467CAEEF83D756A14B4104EBF804644B29 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 10:57:12.0926 0x0850 Adobe ARM - ok 10:57:12.0989 0x0850 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:57:13.0004 0x0850 Sidebar - ok 10:57:13.0036 0x0850 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:57:13.0036 0x0850 mctadmin - ok 10:57:13.0067 0x0850 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:57:13.0098 0x0850 Sidebar - ok 10:57:13.0098 0x0850 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32 |
01.09.2015, 10:22 | #5 |
| Windows 7: Programs won't open and/or take forever, error messages such as Microsoft Explorer not responding, black screen TDSS KILLER LOG 3/3: Code:
10:59:18.0245 0x0510 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:59:18.0277 0x0510 exfat - ok 10:59:18.0308 0x0510 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:59:18.0355 0x0510 fastfat - ok 10:59:18.0417 0x0510 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:59:18.0511 0x0510 Fax - ok 10:59:18.0526 0x0510 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 10:59:18.0557 0x0510 fdc - ok 10:59:18.0589 0x0510 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:59:18.0620 0x0510 fdPHost - ok 10:59:18.0635 0x0510 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:59:18.0651 0x0510 FDResPub - ok 10:59:18.0682 0x0510 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 10:59:18.0682 0x0510 FileInfo - ok 10:59:18.0698 0x0510 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 10:59:18.0745 0x0510 Filetrace - ok 10:59:18.0776 0x0510 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 10:59:18.0776 0x0510 flpydisk - ok 10:59:18.0791 0x0510 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 
10:59:18.0807 0x0510 FltMgr - ok 10:59:18.0869 0x0510 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 10:59:18.0932 0x0510 FontCache - ok 10:59:18.0979 0x0510 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 10:59:18.0979 0x0510 FontCache3.0.0.0 - ok 10:59:19.0010 0x0510 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 10:59:19.0025 0x0510 FsDepends - ok 10:59:19.0057 0x0510 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 10:59:19.0072 0x0510 Fs_Rec - ok 10:59:19.0197 0x0510 [ 014195B03B378CFEAA029958CBC53695, 0F069F37CF83234929D618A78A58F369D0D033A4ABBC4AD02D37825E9857B731 ] fussvc C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe 10:59:19.0228 0x0510 fussvc - detected UnsignedFile.Multi.Generic ( 1 ) 10:59:19.0291 0x0510 fussvc ( UnsignedFile.Multi.Generic ) - warning 10:59:19.0306 0x0510 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 10:59:19.0322 0x0510 fvevol - ok 10:59:19.0337 0x0510 [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys 10:59:19.0384 0x0510 FwLnk - ok 10:59:19.0400 0x0510 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 10:59:19.0415 0x0510 gagp30kx - ok 10:59:19.0462 0x0510 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc 
C:\Windows\System32\gpsvc.dll 10:59:19.0509 0x0510 gpsvc - ok 10:59:19.0525 0x0510 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 10:59:19.0634 0x0510 hcw85cir - ok 10:59:19.0665 0x0510 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 10:59:19.0712 0x0510 HdAudAddService - ok 10:59:19.0743 0x0510 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 10:59:19.0774 0x0510 HDAudBus - ok 10:59:19.0821 0x0510 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 10:59:19.0852 0x0510 HidBatt - ok 10:59:19.0883 0x0510 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 10:59:19.0930 0x0510 HidBth - ok 10:59:19.0961 0x0510 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 10:59:19.0961 0x0510 HidIr - ok 10:59:20.0008 0x0510 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 10:59:20.0039 0x0510 hidserv - ok 10:59:20.0071 0x0510 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 10:59:20.0086 0x0510 HidUsb - ok 10:59:20.0164 0x0510 [ F35FCF9824E02F82B21D4DAD2C8311C1, C16B8CB58FB52A9F6CFDB1F488A1644620C4088F9D16AA02968F128010767D34 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe 10:59:20.0164 0x0510 HitmanProScheduler - ok 10:59:20.0195 0x0510 [ 387E72E739E15E3D37907A86D9FF98E2, 
9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 10:59:20.0258 0x0510 hkmsvc - ok 10:59:20.0273 0x0510 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 10:59:20.0367 0x0510 HomeGroupListener - ok 10:59:20.0398 0x0510 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 10:59:20.0429 0x0510 HomeGroupProvider - ok 10:59:20.0476 0x0510 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 10:59:20.0492 0x0510 HpSAMD - ok 10:59:20.0523 0x0510 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 10:59:20.0585 0x0510 HTTP - ok 10:59:20.0617 0x0510 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 10:59:20.0617 0x0510 hwpolicy - ok 10:59:20.0695 0x0510 [ 661FB04A7F7A3E2F1AAD07710B0692F7, A58B6A8FE9BF470426E92042A27BEFA26CC8B881967030B58D3BFA155CDF9AA4 ] i2p C:\Program Files (x86)\i2p\I2Psvc.exe 10:59:20.0726 0x0510 i2p - detected UnsignedFile.Multi.Generic ( 1 ) 10:59:20.0726 0x0510 i2p ( UnsignedFile.Multi.Generic ) - warning 10:59:20.0757 0x0510 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 10:59:20.0773 0x0510 i8042prt - ok 10:59:20.0804 0x0510 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 10:59:20.0819 0x0510 iaStorV - ok 10:59:20.0897 0x0510 [ 1CF03C69B49ACB70C722DF92755C0C8C, 
C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 10:59:20.0929 0x0510 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 10:59:20.0929 0x0510 IDriverT ( UnsignedFile.Multi.Generic ) - warning 10:59:21.0007 0x0510 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 10:59:21.0022 0x0510 idsvc - ok 10:59:21.0053 0x0510 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 10:59:21.0053 0x0510 iirsp - ok 10:59:21.0116 0x0510 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 10:59:21.0163 0x0510 IKEEXT - ok 10:59:21.0209 0x0510 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 10:59:21.0209 0x0510 intelide - ok 10:59:21.0225 0x0510 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 10:59:21.0256 0x0510 intelppm - ok 10:59:21.0303 0x0510 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 10:59:21.0365 0x0510 IPBusEnum - ok 10:59:21.0381 0x0510 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 10:59:21.0412 0x0510 IpFilterDriver - ok 10:59:21.0443 0x0510 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 10:59:21.0506 0x0510 iphlpsvc - ok 
10:59:21.0537 0x0510 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 10:59:21.0553 0x0510 IPMIDRV - ok 10:59:21.0568 0x0510 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 10:59:21.0615 0x0510 IPNAT - ok 10:59:21.0646 0x0510 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 10:59:21.0677 0x0510 IRENUM - ok 10:59:21.0709 0x0510 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 10:59:21.0724 0x0510 isapnp - ok 10:59:21.0755 0x0510 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 10:59:21.0755 0x0510 iScsiPrt - ok 10:59:21.0771 0x0510 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 10:59:21.0787 0x0510 kbdclass - ok 10:59:21.0802 0x0510 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 10:59:21.0833 0x0510 kbdhid - ok 10:59:21.0865 0x0510 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe 10:59:21.0865 0x0510 KeyIso - ok 10:59:21.0927 0x0510 [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 10:59:21.0943 0x0510 kl1 - ok 10:59:21.0989 0x0510 [ 2A88EFE87B5F23BA47FF7AF2DEAEB98F, 8D702249A462F8A233B594DF1B7C843A2C90F8A0D4FA7358B096020FF2C3E115 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 
10:59:21.0989 0x0510 klflt - ok 10:59:22.0036 0x0510 [ 7ED6B6805B3E1BC9DC2418F1C5C920B4, 7FF90C32C95E2141A3D3B378DDE8035C8C6EB811C087A9AF7D20C735CB74142A ] klhk C:\Windows\system32\DRIVERS\klhk.sys 10:59:22.0052 0x0510 klhk - ok 10:59:22.0114 0x0510 [ CD81447AB991F3E7F1FCF59CEA07D1E0, FB6EDDCA703952FAD7FEE24A75DB5C957C45C83B17D4871D1009CA24450CB040 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 10:59:22.0130 0x0510 KLIF - ok 10:59:22.0161 0x0510 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 10:59:22.0177 0x0510 KLIM6 - ok 10:59:22.0177 0x0510 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 10:59:22.0192 0x0510 klkbdflt - ok 10:59:22.0192 0x0510 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 10:59:22.0192 0x0510 klmouflt - ok 10:59:22.0208 0x0510 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 10:59:22.0208 0x0510 klpd - ok 10:59:22.0223 0x0510 [ 5BB9E329FE48904108BBBF9C73073920, 402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 10:59:22.0239 0x0510 kltdi - ok 10:59:22.0255 0x0510 [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 10:59:22.0270 0x0510 kneps - ok 10:59:22.0301 0x0510 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 10:59:22.0317 0x0510 KSecDD - ok 10:59:22.0333 0x0510 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg 
C:\Windows\system32\Drivers\ksecpkg.sys 10:59:22.0348 0x0510 KSecPkg - ok 10:59:22.0364 0x0510 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 10:59:22.0411 0x0510 ksthunk - ok 10:59:22.0458 0x0510 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 10:59:22.0520 0x0510 KtmRm - ok 10:59:22.0567 0x0510 [ 3CE6A9BEF066BF9488E6BC4D6C62F77E, CDE0A0DCD9A5A2E49DE55E720B5A6FFF502EE139C0EC8793638560E75BF2118C ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 10:59:22.0567 0x0510 L1C - ok 10:59:22.0582 0x0510 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 10:59:22.0645 0x0510 LanmanServer - ok 10:59:22.0676 0x0510 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 10:59:22.0738 0x0510 LanmanWorkstation - ok 10:59:22.0770 0x0510 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 10:59:22.0816 0x0510 lltdio - ok 10:59:22.0848 0x0510 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 10:59:22.0894 0x0510 lltdsvc - ok 10:59:22.0910 0x0510 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 10:59:22.0957 0x0510 lmhosts - ok 10:59:22.0988 0x0510 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 10:59:23.0004 0x0510 LSI_FC - ok 10:59:23.0019 0x0510 [ 1047184A9FDC8BDBFF857175875EE810, 
F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 10:59:23.0019 0x0510 LSI_SAS - ok 10:59:23.0035 0x0510 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 10:59:23.0050 0x0510 LSI_SAS2 - ok 10:59:23.0082 0x0510 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 10:59:23.0097 0x0510 LSI_SCSI - ok 10:59:23.0128 0x0510 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 10:59:23.0175 0x0510 luafv - ok 10:59:23.0206 0x0510 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 10:59:23.0206 0x0510 MBAMProtector - ok 10:59:23.0316 0x0510 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 10:59:23.0362 0x0510 MBAMScheduler - ok 10:59:23.0409 0x0510 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 10:59:23.0440 0x0510 MBAMService - ok 10:59:23.0456 0x0510 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 10:59:23.0456 0x0510 MBAMWebAccessControl - ok 10:59:23.0487 0x0510 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 10:59:23.0518 0x0510 Mcx2Svc - ok 10:59:23.0565 0x0510 [ A55805F747C6EDB6A9080D7C633BD0F4, 
2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 10:59:23.0565 0x0510 megasas - ok 10:59:23.0581 0x0510 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 10:59:23.0596 0x0510 MegaSR - ok 10:59:23.0628 0x0510 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 10:59:23.0690 0x0510 MMCSS - ok 10:59:23.0706 0x0510 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 10:59:23.0752 0x0510 Modem - ok 10:59:23.0784 0x0510 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 10:59:23.0830 0x0510 monitor - ok 10:59:23.0846 0x0510 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 10:59:23.0862 0x0510 mouclass - ok 10:59:23.0862 0x0510 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 10:59:23.0893 0x0510 mouhid - ok 10:59:23.0924 0x0510 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 10:59:23.0940 0x0510 mountmgr - ok 10:59:23.0986 0x0510 [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 10:59:24.0002 0x0510 MozillaMaintenance - ok 10:59:24.0018 0x0510 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 
10:59:24.0033 0x0510 mpio - ok 10:59:24.0064 0x0510 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 10:59:24.0111 0x0510 mpsdrv - ok 10:59:24.0189 0x0510 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 10:59:24.0236 0x0510 MpsSvc - ok 10:59:24.0252 0x0510 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 10:59:24.0283 0x0510 MRxDAV - ok 10:59:24.0330 0x0510 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 10:59:24.0392 0x0510 mrxsmb - ok 10:59:24.0408 0x0510 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 10:59:24.0423 0x0510 mrxsmb10 - ok 10:59:24.0439 0x0510 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 10:59:24.0439 0x0510 mrxsmb20 - ok 10:59:24.0454 0x0510 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 10:59:24.0470 0x0510 msahci - ok 10:59:24.0486 0x0510 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 10:59:24.0486 0x0510 msdsm - ok 10:59:24.0626 0x0510 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 10:59:24.0673 0x0510 MSDTC - ok 10:59:24.0704 0x0510 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs 
C:\Windows\system32\drivers\Msfs.sys 10:59:24.0751 0x0510 Msfs - ok 10:59:24.0782 0x0510 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 10:59:24.0829 0x0510 mshidkmdf - ok 10:59:24.0860 0x0510 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 10:59:24.0876 0x0510 msisadrv - ok 10:59:24.0891 0x0510 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 10:59:24.0954 0x0510 MSiSCSI - ok 10:59:24.0954 0x0510 msiserver - ok 10:59:24.0969 0x0510 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 10:59:25.0032 0x0510 MSKSSRV - ok 10:59:25.0063 0x0510 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 10:59:25.0125 0x0510 MSPCLOCK - ok 10:59:25.0156 0x0510 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 10:59:25.0203 0x0510 MSPQM - ok 10:59:25.0250 0x0510 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 10:59:25.0266 0x0510 MsRPC - ok 10:59:25.0266 0x0510 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 10:59:25.0281 0x0510 mssmbios - ok 10:59:25.0281 0x0510 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 10:59:25.0344 0x0510 MSTEE - ok 10:59:25.0359 0x0510 [ 
7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 10:59:25.0390 0x0510 MTConfig - ok 10:59:25.0437 0x0510 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 10:59:25.0437 0x0510 Mup - ok 10:59:25.0468 0x0510 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 10:59:25.0531 0x0510 napagent - ok 10:59:25.0578 0x0510 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 10:59:25.0593 0x0510 NativeWifiP - ok 10:59:25.0624 0x0510 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys 10:59:25.0656 0x0510 NDIS - ok 10:59:25.0671 0x0510 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 10:59:25.0718 0x0510 NdisCap - ok 10:59:25.0749 0x0510 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 10:59:25.0765 0x0510 NdisTapi - ok 10:59:25.0780 0x0510 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 10:59:25.0858 0x0510 Ndisuio - ok 10:59:25.0890 0x0510 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 10:59:25.0952 0x0510 NdisWan - ok 10:59:25.0968 0x0510 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 
B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:59:39.0867 0x0510 WdiServiceHost - ok 10:59:39.0867 0x0510 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:59:39.0883 0x0510 WdiSystemHost - ok 10:59:39.0898 0x0510 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll 10:59:39.0945 0x0510 WebClient - ok 10:59:39.0992 0x0510 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:59:40.0039 0x0510 Wecsvc - ok 10:59:40.0086 0x0510 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:59:40.0101 0x0510 wercplsupport - ok 10:59:40.0117 0x0510 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:59:40.0148 0x0510 WerSvc - ok 10:59:40.0179 0x0510 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:59:40.0210 0x0510 WfpLwf - ok 10:59:40.0226 0x0510 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:59:40.0226 0x0510 WIMMount - ok 10:59:40.0242 0x0510 WinDefend - ok 10:59:40.0242 0x0510 WinHttpAutoProxySvc - ok 10:59:40.0320 0x0510 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:59:40.0366 0x0510 Winmgmt - ok 10:59:40.0460 0x0510 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM 
C:\Windows\system32\WsmSvc.dll 10:59:40.0538 0x0510 WinRM - ok 10:59:40.0569 0x0510 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:59:40.0616 0x0510 WinUsb - ok 10:59:40.0663 0x0510 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:59:40.0694 0x0510 Wlansvc - ok 10:59:40.0710 0x0510 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:59:40.0725 0x0510 WmiAcpi - ok 10:59:40.0772 0x0510 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:59:40.0803 0x0510 wmiApSrv - ok 10:59:40.0850 0x0510 WMPNetworkSvc - ok 10:59:40.0866 0x0510 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:59:40.0897 0x0510 WPCSvc - ok 10:59:40.0912 0x0510 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:59:40.0944 0x0510 WPDBusEnum - ok 10:59:40.0975 0x0510 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:59:40.0990 0x0510 ws2ifsl - ok 10:59:41.0022 0x0510 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:59:41.0068 0x0510 wscsvc - ok 10:59:41.0068 0x0510 WSearch - ok 10:59:41.0178 0x0510 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 10:59:41.0240 0x0510 wuauserv - ok 10:59:41.0256 0x0510 [ 
D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:59:41.0302 0x0510 WudfPf - ok 10:59:41.0334 0x0510 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:59:41.0396 0x0510 WUDFRd - ok 10:59:41.0427 0x0510 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:59:41.0458 0x0510 wudfsvc - ok 10:59:41.0474 0x0510 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 10:59:41.0521 0x0510 WwanSvc - ok 10:59:41.0536 0x0510 ================ Scan global =============================== 10:59:41.0568 0x0510 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 10:59:41.0614 0x0510 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:59:41.0646 0x0510 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 10:59:41.0677 0x0510 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:59:41.0708 0x0510 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 10:59:41.0708 0x0510 [ Global ] - ok 10:59:41.0708 0x0510 ================ Scan MBR ================================== 10:59:41.0724 0x0510 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:59:42.0098 0x0510 \Device\Harddisk0\DR0 - ok 10:59:42.0098 0x0510 ================ Scan VBR ================================== 10:59:42.0129 0x0510 [ 
3843FF536F141C77423BBB9EB9D1F932 ] \Device\Harddisk0\DR0\Partition1 10:59:42.0176 0x0510 \Device\Harddisk0\DR0\Partition1 - ok 10:59:42.0207 0x0510 [ 3622C9273DABFBC340D8A77BD0AB7222 ] \Device\Harddisk0\DR0\Partition2 10:59:42.0254 0x0510 \Device\Harddisk0\DR0\Partition2 - ok 10:59:42.0254 0x0510 ================ Scan generic autorun ====================== 10:59:42.0254 0x0510 SynTPEnh - ok 10:59:42.0441 0x0510 [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 10:59:42.0457 0x0510 AdobeAAMUpdater-1.0 - ok 10:59:42.0519 0x0510 InstallerLauncher - ok 10:59:42.0613 0x0510 [ 1B6E310EA9D99D340D00D7954F42E1E4, 123B77ED9A42F84B6F621C5835E20E9458C6A4BEFFE30B1B000E17EE283B640A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 10:59:42.0628 0x0510 StartCCC - ok 10:59:42.0691 0x0510 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe 10:59:42.0722 0x0510 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 ) 10:59:42.0722 0x0510 QuickTime Task ( UnsignedFile.Multi.Generic ) - warning 10:59:42.0722 0x0510 Force sending object to P2P due to detect: C:\Program Files (x86)\QuickTime\QTTask.exe 10:59:42.0722 0x0510 Object send P2P result: false 10:59:42.0831 0x0510 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe 10:59:42.0862 0x0510 AdobeCS6ServiceManager - ok 10:59:42.0909 0x0510 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 10:59:42.0909 0x0510 VirtualCloneDrive - ok 10:59:42.0956 0x0510 [ 1D8F25EB5405C8FFFA0DE6EE4E139841, 
E7D22C1F3694F5B993469308F8750DE575AB27A4388897803632AB91C0D3CEB9 ] C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe 10:59:42.0972 0x0510 bdruninstaller - ok 10:59:43.0034 0x0510 [ 4F9DD96AECDC12373D4203253D665C6D, 871FF2367ACD5F9A378FED53574BF28A8129224C4B7C4AF074809ED7CF870904 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 10:59:43.0050 0x0510 SunJavaUpdateSched - ok 10:59:43.0096 0x0510 [ FE821F6FA60E9DF9FDEE69A23488BBAB, 98D9926152FDA45705F5E208D7236E467CAEEF83D756A14B4104EBF804644B29 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 10:59:43.0128 0x0510 Adobe ARM - ok 10:59:43.0190 0x0510 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:59:43.0252 0x0510 Sidebar - ok 10:59:43.0284 0x0510 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:59:43.0330 0x0510 mctadmin - ok 10:59:43.0377 0x0510 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:59:43.0424 0x0510 Sidebar - ok 10:59:43.0424 0x0510 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:59:43.0440 0x0510 mctadmin - ok 10:59:43.0611 0x0510 [ 8150D92888E57CFBC48119DD32ABE7AA, 1F3B344B3755892549E319906C721603388722D436648067322F8B5090A1AC28 ] C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe 10:59:43.0642 0x0510 uTorrent - ok 10:59:43.0705 0x0510 Skype - ok 10:59:43.0720 0x0510 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated ) 10:59:43.0720 0x0510 FW detected via SS2: Kaspersky Internet Security, C:\Program 
Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled ) 10:59:43.0720 0x0510 ============================================================ 10:59:43.0720 0x0510 Scan finished 10:59:43.0720 0x0510 ============================================================ 10:59:43.0720 0x02f0 Detected object count: 8 10:59:43.0720 0x02f0 Actual detected object count: 8 11:02:01.0982 0x02f0 fussvc ( UnsignedFile.Multi.Generic ) - skipped by user 11:02:01.0982 0x02f0 fussvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:02:01.0988 0x02f0 i2p ( UnsignedFile.Multi.Generic ) - skipped by user 11:02:01.0988 0x02f0 i2p ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:02:01.0995 0x02f0 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 11:02:01.0995 0x02f0 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:02:02.0001 0x02f0 Netaapl ( UnsignedFile.Multi.Generic ) - skipped by user 11:02:02.0001 0x02f0 Netaapl ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:02:02.0007 0x02f0 Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user 11:02:02.0007 0x02f0 Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:02:02.0014 0x02f0 Themes ( UnsignedFile.Multi.Generic ) - skipped by user 11:02:02.0014 0x02f0 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:02:02.0020 0x02f0 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user 11:02:02.0020 0x02f0 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:02:02.0026 0x02f0 QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user 11:02:02.0026 0x02f0 QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip |
01.09.2015, 17:44 | #6 |
/// the machine /// TB trainer | hi, scan with Combofix |
01.09.2015, 19:41 | #7 |
| Good evening, I have just run ComboFix. The first time, it reported that Kaspersky was open; I could not find the process anywhere, and it was not open... I then restarted ComboFix and it ran without any errors... Thanks again for your effort and help! Here is the log: Combofix: Code:
ATTFilter ComboFix 15-09-01.01 - xxx 01.09.2015 20:21:47.2.8 - x64 NETWORK Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8155.7185 [GMT 2:00] ausgeführt von:: c:\users\xxx\Desktop\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886} FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Vorheriger Suchlauf ------- . C:\DSC01954.jpg c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\desktop.ini c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Speech Disambiguation.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Speech Misrecognition.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Speech Off.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Speech On.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Speech Sleep.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Balloon.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Battery Critical.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Battery Low.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Critical Stop.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Default.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Ding.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Error.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Exclamation.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Feed Discovered.wav 
c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Hardware Fail.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Hardware Insert.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Hardware Remove.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Information Bar.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Logoff.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Logon.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Menu Command.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Minimize.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Navigation Start.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Notify.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Pop-up Blocked.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Print Complete.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Recycle.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Restore.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Ringin.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Shutdown.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows Start.wav c:\programdata\Local\temp\7tsp\Extra\Media\Schemes\Tinker\Windows User Account Control.wav c:\programdata\Local\temp\7tsp\Extra\Shell32\632.bmp c:\programdata\Local\temp\7tsp\Extra\Shell32\633.bmp c:\programdata\Local\temp\7tsp\Extra\Shell32\634.bmp c:\programdata\Local\temp\7tsp\Extra\Shell32\635.bmp c:\programdata\Local\temp\7tsp\programs\7tsp.bmp c:\programdata\Local\temp\7tsp\programs\7za.dll c:\programdata\Local\temp\7tsp\programs\7za.exe c:\programdata\Local\temp\7tsp\programs\about.bmp c:\programdata\Local\temp\7tsp\programs\bru.exe c:\programdata\Local\temp\7tsp\programs\Dialogs.def 
c:\programdata\Local\temp\7tsp\programs\lang.ini c:\programdata\Local\temp\7tsp\programs\logo.bmp c:\programdata\Local\temp\7tsp\programs\logon.bmp c:\programdata\Local\temp\7tsp\programs\logos.bmp c:\programdata\Local\temp\7tsp\programs\options.bmp c:\programdata\Local\temp\7tsp\programs\optionsm.bmp c:\programdata\Local\temp\7tsp\programs\panel.bmp c:\programdata\Local\temp\7tsp\programs\Preview.bmp c:\programdata\Local\temp\7tsp\programs\ResHacker.cnt c:\programdata\Local\temp\7tsp\programs\ResHacker.exe c:\programdata\Local\temp\7tsp\programs\ResHacker.GID c:\programdata\Local\temp\7tsp\programs\ResHacker.ini c:\programdata\Local\temp\7tsp\programs\ResHacker.log c:\programdata\Local\temp\7tsp\Resources\DiagCpl.dll.res c:\programdata\Local\temp\7tsp\Resources\explorer.exe.res c:\programdata\Local\temp\7tsp\Resources\ExplorerFrame.dll.res c:\programdata\Local\temp\7tsp\Resources\fontext.dll.res c:\programdata\Local\temp\7tsp\Resources\ieakui.dll.res c:\programdata\Local\temp\7tsp\Resources\ieframe.dll.res c:\programdata\Local\temp\7tsp\Resources\imageres.dll.res c:\programdata\Local\temp\7tsp\Resources\imagesp1.dll.res c:\programdata\Local\temp\7tsp\Resources\main.cpl.res c:\programdata\Local\temp\7tsp\Resources\mydocs.dll.res c:\programdata\Local\temp\7tsp\Resources\ntshrui.dll.res c:\programdata\Local\temp\7tsp\Resources\occache.dll.res c:\programdata\Local\temp\7tsp\Resources\Oobefldr.dll.res c:\programdata\Local\temp\7tsp\Resources\shell32.dll.res c:\programdata\Local\temp\7tsp\Resources\shellbrd.dll.res c:\programdata\Local\temp\7tsp\Resources\taskmgr.exe.res c:\programdata\Local\temp\7tsp\Resources\timedate.cpl.res c:\programdata\Local\temp\7tsp\Resources\wmploc.DLL.res c:\programdata\Local\temp\7tsp\Resources\zipfldr.dll.res c:\programdata\Local\temp\7tsp\temp\orb.bmp c:\programdata\Local\temp\c.i.c.exe c:\programdata\Services c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . 
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_npf . . ((((((((((((((((((((((( Dateien erstellt von 2015-08-01 bis 2015-09-01 )))))))))))))))))))))))))))))) . . 2015-09-01 18:30 . 2015-09-01 18:30 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-09-01 07:58 . 2015-09-01 08:52 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-09-01 02:32 . 2015-09-01 02:32 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{937E0D48-701D-491B-A7A2-350FF01E9E2B}\offreg.1928.dll 2015-09-01 00:38 . 2015-09-01 00:38 -------- d-----w- c:\programdata\Hotspot Shield 2015-08-31 23:07 . 2015-08-31 23:07 -------- d-----w- c:\users\xxx\AppData\Local\CrashRpt 2015-08-31 01:21 . 2015-08-31 01:55 -------- d-----w- C:\FRST 2015-08-30 23:16 . 2015-08-20 02:18 11745192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{937E0D48-701D-491B-A7A2-350FF01E9E2B}\mpengine.dll 2015-08-30 19:44 . 2015-08-30 19:44 -------- d-----w- c:\program files\HitmanPro 2015-08-30 19:40 . 2015-08-30 19:56 -------- d-----w- c:\programdata\HitmanPro 2015-08-27 21:12 . 2015-08-27 21:12 113880 ----a-w- c:\windows\system32\drivers\2B0C5369.sys 2015-08-25 21:16 . 2015-08-25 21:16 113880 ----a-w- c:\windows\system32\drivers\61973A00.sys 2015-08-19 16:02 . 2015-08-19 16:02 -------- d-----w- c:\program files (x86)\Aspyr 2015-08-19 09:52 . 2015-08-19 15:20 -------- d-----w- c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f} 2015-08-19 09:22 . 2015-08-26 21:07 -------- d-----w- c:\users\xxx\AppData\Local\NFS Underground 2 2015-08-19 09:15 . 2015-08-19 09:15 -------- d-----w- c:\program files (x86)\EA GAMES 2015-08-19 00:14 . 2015-08-19 00:14 -------- d-----w- c:\program files (x86)\GameSpy Arcade 2015-08-18 23:49 . 2015-08-18 23:49 -------- d-----w- c:\program files (x86)\Activision 2015-08-18 23:44 . 
2015-08-18 23:44 -------- d-----w- c:\programdata\Steam 2015-08-18 23:39 . 2015-08-19 15:50 -------- d-----w- c:\program files (x86)\Age of Empires II HD The Forgotten 2015-08-18 14:31 . 2015-08-18 14:31 -------- d-----w- c:\users\xxx\AppData\Roaming\Dev-Cpp 2015-08-13 04:11 . 2015-08-13 04:11 113880 ----a-w- c:\windows\system32\drivers\0CCB001E.sys 2015-08-13 03:46 . 2015-08-13 04:06 -------- d-----w- c:\windows\system32\Taskman 2015-08-13 02:36 . 2015-08-13 02:36 -------- d-----w- c:\users\xxx\AppData\Roaming\Windows SideBar 2015-08-13 02:31 . 2015-08-13 03:07 -------- d-----w- C:\Gadgets 2015-08-12 22:04 . 2015-08-13 01:34 113880 ----a-w- c:\windows\system32\drivers\22116713.sys 2015-08-12 15:02 . 2015-08-12 15:02 113880 ----a-w- c:\windows\system32\drivers\7ED024B6.sys 2015-08-12 15:00 . 2015-08-12 15:00 113880 ----a-w- c:\windows\system32\drivers\1B282295.sys 2015-08-12 14:13 . 2015-08-12 14:13 -------- d-----w- c:\windows\SysWow64\Hotspot Shield 2015-08-10 23:30 . 2015-09-01 18:02 -------- d-----w- c:\programdata\i2p 2015-08-10 23:20 . 2015-08-19 15:11 -------- d-----w- c:\users\xxx\AppData\Roaming\I2P 2015-08-10 23:18 . 2015-08-30 17:26 -------- d-----w- c:\program files (x86)\i2p 2015-08-10 21:03 . 2015-08-11 01:18 -------- d-----w- c:\program files (x86)\Tor Browser 2015-08-10 20:40 . 2015-08-10 20:41 -------- d-----w- c:\program files\OpenVPN 2015-08-10 10:21 . 2015-08-10 10:21 -------- d-----w- c:\users\xxx\AppData\Local\IsolatedStorage 2015-08-09 00:01 . 2015-08-11 02:54 -------- d-----w- c:\users\xxx\.zenmap 2015-08-09 00:00 . 2015-08-09 00:00 -------- d-----w- c:\program files\WinPcap 2015-08-08 23:59 . 2015-08-09 00:01 -------- d-----w- c:\program files (x86)\Nmap 2015-08-08 23:58 . 2015-08-18 23:37 -------- d-----w- c:\users\xxx\AppData\Roaming\inkscape 2015-08-08 21:09 . 2015-08-08 21:13 -------- d-----w- c:\program files (x86)\Inkscape 2015-08-08 15:57 . 2015-08-08 15:57 113880 ----a-w- c:\windows\system32\drivers\6A4515E8.sys 2015-08-08 14:42 . 
2015-08-08 14:42 -------- d-----w- c:\program files (x86)\Stardock 2015-08-08 14:15 . 2015-08-08 14:15 -------- d-----w- c:\programdata\Stardock 2015-08-08 14:02 . 2015-08-08 14:02 -------- d-----w- c:\users\xxx\AppData\Local\Stardock 2015-08-08 13:43 . 2015-08-08 13:43 -------- d--h--w- c:\program files (x86)\InstallJammer Registry 2015-08-08 13:33 . 2015-08-12 14:10 -------- d-----w- c:\programdata\{430548d0-bab8-9b04-4305-548d0bab2342} 2015-08-08 13:33 . 2015-08-08 13:33 -------- d-----w- c:\users\xxx\AppData\Roaming\Purposeful Advice 2015-08-08 13:20 . 2013-05-06 07:13 110176 ----a-w- c:\windows\system32\klfphc.dll 2015-08-08 13:20 . 2015-08-08 13:20 -------- d-----w- c:\windows\ELAMBKUP 2015-08-08 13:20 . 2015-09-01 17:47 -------- d-----w- c:\programdata\Kaspersky Lab 2015-08-08 13:20 . 2015-08-08 13:20 -------- d-----w- c:\program files (x86)\Kaspersky Lab 2015-08-08 13:19 . 2015-08-08 13:55 793800 ----a-w- c:\windows\system32\drivers\klif.sys 2015-08-08 13:19 . 2015-08-08 13:55 141320 ----a-w- c:\windows\system32\drivers\klflt.sys 2015-08-08 13:19 . 2014-04-10 15:25 243808 ----a-w- c:\windows\system32\drivers\klhk.sys 2015-08-07 10:49 . 2015-08-07 10:49 -------- d-----w- c:\program files (x86)\VirtualDJ 2015-08-04 15:16 . 2015-08-04 15:16 -------- d-----w- c:\users\xxx\AppData\Roaming\IrfanView . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-09-01 18:03 . 2015-07-15 00:52 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-09-01 07:57 . 2015-07-15 00:51 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-08-13 03:37 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll 2015-08-13 03:37 . 2010-11-21 03:23 2851840 ----a-w- c:\windows\system32\themeui.dll 2015-08-13 03:37 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll 2015-08-09 23:41 . 
2013-04-25 17:58 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-08-09 23:41 . 2013-04-25 17:58 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-08-08 13:43 . 2015-08-08 13:43 1486069 ----a-w- c:\windows\cursors\uninstall.exe 2015-07-29 10:34 . 2015-07-29 11:22 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2015-07-19 15:13 . 2015-07-13 22:49 84848 ----a-w- c:\windows\system32\bdsandboxuiskin.dll 2015-07-19 15:13 . 2015-07-13 22:49 33360 ----a-w- c:\windows\system32\bdsandboxuh.dll 2015-07-15 01:07 . 2009-07-13 23:39 245760 ----a-w- c:\windows\SysWow64\uxtheme.dll 2015-07-15 01:07 . 2010-11-21 03:24 2755072 ----a-w- c:\windows\SysWow64\themeui.dll 2015-07-14 00:22 . 2015-07-14 00:22 74000 ----a-w- c:\windows\system32\bdsandboxuiskin32.dll 2015-07-13 16:35 . 2015-07-13 16:35 2784960 ----a-w- c:\programdata\Microsoft\VisualStudio\12.0\1033\ResourceCache.dll 2015-07-13 08:29 . 2015-07-13 08:29 224016 --s-a-r- c:\windows\SysWow64\TABCTL32.OCX 2015-07-13 08:29 . 2015-07-13 08:29 1010720 --s-a-r- c:\windows\SysWow64\MSCHRT20.OCX 2015-07-09 10:09 . 2015-07-14 18:55 958736 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2015-07-09 10:09 . 2015-07-14 18:55 138904 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2015-07-09 10:09 . 2015-07-09 10:09 146072 ----a-w- c:\windows\system32\drivers\VBoxNetLwf.sys 2015-07-09 10:09 . 2015-07-09 10:09 117768 ----a-w- c:\windows\system32\drivers\VBoxNetAdp6.sys 2015-06-25 11:38 . 2015-06-25 11:38 230840 ----a-w- c:\windows\system32\drivers\truecrypt.sys 2015-06-21 03:23 . 2015-06-21 03:23 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL 2015-06-21 03:19 . 2015-06-21 03:19 57344 ----a-r- c:\users\xxx\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe 2015-06-20 11:45 . 2015-06-20 02:38 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2015-06-20 11:45 . 2015-06-20 01:47 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2015-06-20 11:26 . 
2015-06-20 01:47 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2015-06-20 03:22 . 2015-06-20 01:47 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2015-06-20 01:47 . 2015-06-20 01:47 912744 ----a-w- c:\windows\SysWow64\pbsvc (1).exe 2015-06-19 21:14 . 2015-06-19 21:14 27840 ----a-w- c:\windows\SysWow64\aspnet_counters.dll 2015-06-19 21:14 . 2015-06-19 21:14 17576 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll 2015-06-19 21:14 . 2015-06-19 21:14 17576 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll 2015-06-19 21:14 . 2015-06-19 21:14 17576 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll 2015-06-19 21:04 . 2015-06-19 21:04 29888 ----a-w- c:\windows\system32\aspnet_counters.dll 2015-06-19 21:04 . 2015-06-19 21:04 17576 ----a-w- c:\windows\system32\msvcr110_clr0400.dll 2015-06-19 21:04 . 2015-06-19 21:04 17576 ----a-w- c:\windows\system32\msvcr100_clr0400.dll 2015-06-19 21:04 . 2015-06-19 21:04 17576 ----a-w- c:\windows\system32\msvcp110_clr0400.dll 2015-06-18 06:41 . 2015-07-15 00:51 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2015-06-18 06:41 . 2015-07-15 00:51 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-06-11 06:01 . 2015-06-11 06:01 233472 ----a-w- c:\windows\SysWow64\SafeAppLM.ocx 2015-06-10 21:08 . 2015-06-10 21:08 6112072 ----a-w- c:\windows\system32\usbaaplrc.dll 2015-06-10 21:08 . 2015-06-10 21:08 54784 ----a-w- c:\windows\system32\drivers\usbaapl64.sys 2015-06-04 10:37 . 2015-06-04 10:37 993632 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2015-06-04 10:37 . 2015-06-04 10:37 987848 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2015-06-04 10:37 . 2015-06-04 10:37 690016 ----a-w- c:\windows\system32\msvcp120_clr0400.dll 2015-06-04 10:37 . 2015-06-04 10:37 484552 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="c:\users\xxx\AppData\Roaming\uTorrent\uTorrent.exe" [2015-08-28 1696096] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-07-28 53655680] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-01-20 343168] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984] "bdruninstaller"="c:\program files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" [2014-08-08 519472] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] @="" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . 
R1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x] R1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x] R1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x] R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x] R1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service;c:\windows\system32\DRIVERS\VBoxNetAdp6.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp6.sys [x] R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x] R2 i2p;I2P Service;c:\program files (x86)\i2p\I2Psvc.exe;c:\program files (x86)\i2p\I2Psvc.exe [x] R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x] R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R2 uxstyle;uxstyle;c:\windows\system32\Drivers\uxstyle.sys;c:\windows\SYSNATIVE\Drivers\uxstyle.sys [x] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] R3 AVP15.0.0;Kaspersky Anti-Virus Service 
15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\avp.exe [x] R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x] R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x] R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 USBAAPL64;Apple Mobile USB 
Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x] S1 VBoxNetLwf;VirtualBox NDIS6 Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetLwf.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetLwf.sys [x] S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x] S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c:\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x] S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x] . . Inhalt des "geplante Tasks" Ordners . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm mStart Page = www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = www.google.com mDefault_Page_URL = www.google.com mDefault_Search_URL = www.google.com TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\ FF - prefs.js: browser.startup.homepage - about:home . . ------- Dateityp-Verknüpfung ------- . inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1 txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-10 - (no file) Toolbar-10 - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-InstallerLauncher - c:\program files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}"=hex:51,66,7a,6c,4c,1d,38,12,4d,0e,7e, 9a,40,73,fa,0f,d1,09,6e,56,73,7a,a7,cd "{73455575-E40C-433C-9784-C78DC7761455}"=hex:51,66,7a,6c,4c,1d,38,12,1b,56,56, 77,3e,aa,52,06,e8,92,84,cd,c2,28,50,41 "{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}"=hex:51,66,7a,6c,4c,1d,38,12,1d,cf,77, 51,95,a1,d1,09,ee,9c,1f,b7,fe,e1,bb,5b "{310CA7B9-D56B-499A-B786-D9648270585E}"=hex:51,66,7a,6c,4c,1d,38,12,84,89,2e, 18,6c,b6,c5,34,9b,bd,ab,09,b2,03,2d,72 "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{E33CF602-D945-461A-83F0-819F76A199F8}"=hex:51,66,7a,6c,4c,1d,38,12,6c,f5,2f, 
e7,77,97,74,03,fc,e6,c2,df,73,ff,dd,ec . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:0f,13,f1,d0,0f,d4,d0,01 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.15" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2015-09-01 20:32:39 ComboFix-quarantined-files.txt 2015-09-01 18:32 . Vor Suchlauf: 14 Verzeichnis(se), 633.928.683.520 Bytes frei Nach Suchlauf: 15 Verzeichnis(se), 633.655.013.376 Bytes frei . - - End Of File - - 5D9FE3644FC395A9E4C6E2D38B2F0F59 --- --- --- A36C5E4F47E84449FF07ED3517B43A31
Edited by daniel1989 (01.09.2015 at 19:44) Reason: the log file already had the code boxes beforehand.... |
02.09.2015, 17:45 | #8 |
/// the machine /// TB-Ausbilder | Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
02.09.2015, 21:23 | #9 |
| Good evening, one question before I get started right away! Do I have to download and install MBAM and co. again, or can I simply use these programs, all of which I already have installed? Kind regards! Thanks for your help so far! MBAM LOG: Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.09.2015
Suchlaufzeit: 21:14
Protokolldatei: mbam-log-2015-09-02 (21-13-56).txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.02.07
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Premium-Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: xxx

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 451731
Abgelaufene Zeit: 36 Min., 5 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Warnen

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

Code:
ATTFilter
# AdwCleaner v5.005 - Bericht erstellt am 02/09/2015 um 21:56:04
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : xxx - XXX
# Gestartet von : C:\Users\xxx\Desktop\AdwCleaner_5.005.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

Ordner Gefunden : C:\ProgramData\{430548d0-bab8-9b04-4305-548d0bab2342}
Ordner Gefunden : C:\ProgramData\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}
Ordner Gefunden : C:\ProgramData\{a5905ac1-5b3c-288b-a590-05ac15b36b05}
Ordner Gefunden : C:\ProgramData\{e31b31d3-f761-e6ac-e31b-b31d3f76c74f}

***** [ Dateien ] *****

Datei Gefunden : C:\Windows\SysWOW64\SafeAppLM.ocx

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

***** [ Registrierungsdatenbank ] *****

Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Plus-HD-5.5-bg.exe]
Schlüssel Gefunden : HKLM\SOFTWARE\38233515-9420-8571-ff45-4811c0aec2a0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{062D6B05-B83A-46DE-81AD-1750FB7C8DE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{92B0265C-B929-4D42-BA54-75AA39C99198}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{062D6B05-B83A-46DE-81AD-1750FB7C8DE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{92B0265C-B929-4D42-BA54-75AA39C99198}
Schlüssel Gefunden : HKU\.DEFAULT\Software\AppDataLow\Software\Compete
Schlüssel Gefunden : HKU\.DEFAULT\Software\AppDataLow\Software\Compete
Schlüssel Gefunden : HKU\S-1-5-18\Software\AppDataLow\Software\Compete

***** [ Internetbrowser ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S17].txt - [1934 Bytes] ##########

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Professional x64
Ran by xxx on 02.09.2015 at 22:06:04,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer

~~~ Files

Failed to delete: [File] C:\Windows\SysWOW64\number of results

~~~ Folders

Successfully deleted: [Folder] C:\Users\xxx\Appdata\Local\crashrpt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.09.2015 at 22:08:32,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015 durchgeführt von xxx (Administrator) auf XXX (02-09-2015 22:11:51) Gestartet von C:\Users\xxx\Desktop Geladene Profile: xxx (Verfügbare Profile: xxx) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: FF) Start-Modus: Safe Mode (with Networking) Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2011-12-22] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (Der Dateneintrag hat 36 mehr Zeichen). HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) 
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [bdruninstaller] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"setupdownloader.exe" /args:"/token:64b /after_restart" HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\Run: [uTorrent] => C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-08-29] (BitTorrent Inc.) HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.) HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C15].txt [2281 2015-09-02] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{6EF27CF9-2594-4B68-8B80-9276E723E19E}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{8541C6AF-41FF-4C87-A65C-38721CCEE50C}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{FD42EE94-C8AB-4635-97A2-B585F803CAB0}: [DhcpNameServer] 193.189.244.206 193.189.244.225 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3674743092-987190976-2435912599-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-08] (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll 
[2014-04-20] (Kaspersky Lab ZAO) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-08] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-29] (Oracle Corporation) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-29] (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab FireFox: ======== FF ProfilePath: 
C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833 FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-08-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-08-10] () FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei] FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-29] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com [2015-08-08] () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com [2015-08-30] () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-08-08] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google 
Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-18] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-12-18] (Apple Inc.) 
FF Extension: YouTube Unblocker - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\youtubeunblocker@unblocker.yt [2015-08-06] FF Extension: Flashblock - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-08-05] FF Extension: Adblock Plus Pop-up Addon - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\adblockpopups@jessehakanen.net.xpi [2015-08-19] FF Extension: Ghostery - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\firefox@ghostery.com.xpi [2015-08-08] FF Extension: Stop YouTube Autoplay - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\jid0-Pm0nbsggUvL00CBoW6YwCaqv8bk@jetpack.xpi [2015-08-17] FF Extension: NoScript - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-08-08] FF Extension: Adblock Plus - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-24] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com [2015-08-08] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-08-08] FF 
HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\url_advisor@kaspersky.com [2015-08-08] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\anti_banner@kaspersky.com [2015-08-08] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com [2015-08-08] Chrome: ======= CHR dev: Chrome dev build erkannt! <======= ACHTUNG CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation) S2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] () [Datei ist nicht signiert] S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert] S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-08-30] (SurfRight B.V.) S2 i2p; C:\Program Files (x86)\i2p\I2Psvc.exe [389632 2015-08-11] (Tanuki Software, Ltd.) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2015-08-04] (The OpenVPN Project) S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-20] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert] S2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-08-13] (Microsoft Corporation) [Datei ist nicht signiert] S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn 
ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-08-08] (Kaspersky Lab ZAO) S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-08-08] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO) S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-02] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Datei ist nicht signiert] S1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] () R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2011-12-22] (Synaptics Incorporated) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) 
[Datei ist nicht signiert] S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 taphss6; system32\DRIVERS\taphss6.sys [X] S2 uxstyle; \??\C:\Windows\system32\Drivers\uxstyle.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-02 22:11 - 2015-09-02 22:12 - 00019098 _____ C:\Users\xxx\Desktop\FRST.txt 2015-09-02 22:11 - 2015-09-02 22:11 - 00000000 ____D C:\Users\xxx\Desktop\FRST-OlderVersion 2015-09-02 22:08 - 2015-09-02 22:08 - 00000843 _____ C:\Users\xxx\Desktop\JRT.txt 2015-09-02 22:06 - 2015-09-02 22:06 - 00000000 _____ C:\Users\xxx\Desktop\failed 08007043c.txt 2015-09-02 22:05 - 2015-09-02 22:05 - 01799392 _____ (Malwarebytes Corporation) C:\Users\xxx\Downloads\JRT(1).exe 2015-09-02 22:05 - 2015-09-02 22:05 - 01799392 _____ (Malwarebytes Corporation) C:\Users\xxx\Desktop\JRT(1).exe 2015-09-02 22:01 - 2015-09-02 21:57 - 00001478 _____ C:\Users\xxx\Desktop\Quarantine.log 2015-09-02 22:01 - 2015-09-02 21:56 - 00002022 _____ C:\Users\xxx\Desktop\AdwCleaner[S17].txt 2015-09-02 21:50 - 2015-09-02 21:50 - 00002488 _____ C:\Users\xxx\Desktop\mbam-log-2015-09-02 (21-13-56).xml 2015-09-02 21:17 - 2015-09-02 21:18 - 01654272 _____ C:\Users\xxx\Desktop\AdwCleaner_5.005.exe 2015-09-02 21:11 - 2015-09-02 21:12 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-02 21:11 - 2015-09-02 21:11 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-02 21:11 - 
2015-09-02 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-02 21:11 - 2015-09-02 21:11 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-02 21:11 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-02 21:11 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-02 21:11 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-02 21:00 - 2015-09-02 21:02 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-2.1.8.1057.exe 2015-09-01 20:32 - 2015-09-01 20:32 - 00030733 _____ C:\ComboFix.txt 2015-09-01 19:51 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-09-01 19:51 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-09-01 19:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-09-01 19:42 - 2015-09-01 20:32 - 00000000 ____D C:\Qoobox 2015-09-01 19:42 - 2015-09-01 20:31 - 00000000 ____D C:\Windows\erdnt 2015-09-01 19:23 - 2015-09-01 19:23 - 05635829 _____ (Swearware) C:\Users\xxx\Downloads\ComboFix(1).exe 2015-09-01 19:22 - 2015-09-01 19:22 - 05635829 ____R (Swearware) C:\Users\xxx\Desktop\ComboFix.exe 2015-09-01 10:11 - 2015-09-01 10:11 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\xxx\Desktop\tdsskiller.exe 2015-09-01 09:58 - 2015-09-01 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-01 09:56 - 2015-09-01 10:52 - 00000000 ____D 
C:\Users\xxx\Desktop\mbar 2015-09-01 09:55 - 2015-09-01 09:55 - 16563304 _____ (Malwarebytes Corp.) C:\Users\xxx\Desktop\mbar-1.09.2.1008.exe 2015-09-01 03:29 - 2015-09-02 21:27 - 00000000 ____D C:\Users\xxx\Desktop\Neuer Ordner 2015-09-01 02:38 - 2015-09-01 02:38 - 00000000 ____D C:\ProgramData\Hotspot Shield 2015-09-01 00:56 - 2015-09-01 00:43 - 01799392 _____ (Malwarebytes Corporation) C:\Users\xxx\Desktop\JRT.exe 2015-09-01 00:51 - 2015-09-01 00:55 - 01798640 _____ (Malwarebytes Corporation) C:\Users\xxx\Downloads\JRT.exe 2015-08-31 23:27 - 2015-09-01 00:17 - 00113536 _____ C:\tb.txt 2015-08-31 03:21 - 2015-09-02 22:11 - 00000000 ____D C:\FRST 2015-08-31 03:07 - 2015-08-31 03:07 - 00000000 _____ C:\Users\xxx\defogger_reenable 2015-08-31 02:25 - 2015-08-31 02:25 - 00380416 _____ C:\Users\xxx\Desktop\9ie9fcez.exe 2015-08-31 02:22 - 2015-09-02 22:11 - 02188800 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe 2015-08-31 02:15 - 2015-08-31 02:15 - 00050477 _____ C:\Users\xxx\Desktop\Defogger.exe 2015-08-31 00:17 - 2015-08-31 00:17 - 00003360 ____N C:\bootsqm.dat 2015-08-30 23:20 - 2015-08-30 23:20 - 00008754 _____ C:\HitmanPro_20150830_2320.log 2015-08-30 21:55 - 2015-08-30 23:19 - 00000640 _____ C:\Windows\system32\.crusader 2015-08-30 21:44 - 2015-08-30 21:44 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2015-08-30 21:44 - 2015-08-30 21:44 - 00000000 ____D C:\Program Files\HitmanPro 2015-08-30 21:41 - 2015-08-30 21:43 - 11352032 _____ (SurfRight B.V.) 
C:\Users\xxx\Downloads\HitmanPro_x64.exe 2015-08-30 21:40 - 2015-08-30 21:56 - 00000000 ____D C:\ProgramData\HitmanPro 2015-08-30 19:22 - 2015-08-30 19:22 - 00299544 _____ C:\Windows\Minidump\083015-20280-01.dmp 2015-08-29 01:34 - 2015-08-29 01:34 - 00332344 _____ C:\Windows\Minidump\082915-32900-01.dmp 2015-08-29 01:33 - 2015-08-30 19:22 - 487727759 _____ C:\Windows\MEMORY.DMP 2015-08-28 23:21 - 2015-08-29 00:38 - 00000000 ____D C:\Users\xxx\Downloads\MW3 ChromatiX 2015-08-27 23:12 - 2015-08-27 23:12 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2B0C5369.sys 2015-08-25 23:16 - 2015-08-25 23:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\61973A00.sys 2015-08-20 01:32 - 2015-08-20 01:33 - 00000000 ____D C:\Users\xxx\Desktop\Games 2015-08-19 22:03 - 2015-08-19 22:03 - 00000218 _____ C:\Users\xxx\AppData\Local\recently-used.xbel 2015-08-19 18:04 - 2015-08-19 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr 2015-08-19 18:02 - 2015-08-19 18:02 - 00000000 ____D C:\Program Files (x86)\Aspyr 2015-08-19 11:52 - 2015-08-19 11:52 - 00003236 _____ C:\Windows\System32\Tasks\LoudProof 2015-08-19 11:22 - 2015-08-26 23:07 - 00000000 ____D C:\Users\xxx\AppData\Local\NFS Underground 2 2015-08-19 11:17 - 2015-08-19 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES 2015-08-19 11:15 - 2015-08-19 11:15 - 00000000 ____D C:\Program Files (x86)\EA GAMES 2015-08-19 11:07 - 2015-08-31 01:05 - 00000000 ____D C:\Users\xxx\Downloads\nfsu2 2015-08-19 02:14 - 2015-08-19 02:14 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade 2015-08-19 01:53 - 2015-08-19 11:22 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-08-19 01:49 - 2015-08-19 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision 2015-08-19 01:49 - 2015-08-19 01:49 - 00000000 ____D C:\Program Files (x86)\Activision 2015-08-19 01:44 - 
2015-08-19 01:44 - 00000000 ____D C:\ProgramData\Steam 2015-08-19 01:39 - 2015-08-19 17:50 - 00000000 ____D C:\Program Files (x86)\Age of Empires II HD The Forgotten 2015-08-18 19:46 - 2015-08-18 19:47 - 65444688 _____ (Microsoft Corporation) C:\Users\xxx\Downloads\NDP46-KB3045557-x86-x64-AllOS-ENU.exe 2015-08-18 19:43 - 2015-08-18 20:01 - 00037993 _____ C:\Users\xxx\Documents\Unbenannt1.cpp 2015-08-18 16:31 - 2015-08-18 16:31 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Dev-Cpp 2015-08-18 13:17 - 2015-08-18 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++ 2015-08-18 13:16 - 2015-08-18 13:16 - 00000000 ____D C:\Users\xxx\Desktop\Dev-Cpp 2015-08-18 01:00 - 2015-08-18 09:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-13 10:08 - 2015-08-13 22:35 - 00003234 _____ C:\Windows\System32\Tasks\SidebarExecute 2015-08-13 06:11 - 2015-08-13 06:11 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\0CCB001E.sys 2015-08-13 05:59 - 2015-08-13 05:59 - 00000000 ____D C:\Users\xxx\Downloads\7tsp_Vs_se7en_Pack 2015-08-13 05:46 - 2015-08-13 06:06 - 00000000 ____D C:\Windows\system32\Taskman 2015-08-13 04:36 - 2015-08-13 04:36 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Windows SideBar 2015-08-13 04:31 - 2015-08-13 05:07 - 00000000 ____D C:\Gadgets 2015-08-13 03:55 - 2015-08-19 10:50 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8E1BA6FC-3CD5-40FE-A806-F7D9A8078D70} 2015-08-13 00:04 - 2015-08-13 03:34 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\22116713.sys 2015-08-12 17:02 - 2015-08-12 17:02 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7ED024B6.sys 2015-08-12 17:00 - 2015-08-12 17:00 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1B282295.sys 2015-08-12 16:13 - 2015-08-12 16:13 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield 2015-08-12 16:10 - 2015-08-12 16:10 - 00262144 _____ 
C:\Windows\system32\config\elam 2015-08-11 10:28 - 2015-09-01 20:01 - 00003194 _____ C:\Windows\setupact.log 2015-08-11 10:28 - 2015-08-11 10:28 - 00000000 _____ C:\Windows\setuperr.log 2015-08-11 10:27 - 2015-09-02 21:58 - 00068158 _____ C:\Windows\PFRO.log 2015-08-11 03:22 - 2015-08-11 03:22 - 00032178 _____ C:\Users\xxx\Documents\cc_20150811_032249.reg 2015-08-11 02:34 - 2015-08-11 02:34 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\I2P 2015-08-11 01:30 - 2015-09-01 20:02 - 00000000 ____D C:\ProgramData\i2p 2015-08-11 01:20 - 2015-08-19 17:11 - 00000000 ____D C:\Users\xxx\AppData\Roaming\I2P 2015-08-11 01:18 - 2015-08-30 19:26 - 00000000 ____D C:\Program Files (x86)\i2p 2015-08-11 01:18 - 2015-08-11 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I2P 2015-08-10 23:03 - 2015-08-11 03:18 - 00000000 ____D C:\Program Files (x86)\Tor Browser 2015-08-10 22:40 - 2015-08-10 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN 2015-08-10 22:40 - 2015-08-10 22:41 - 00000000 ____D C:\Program Files\OpenVPN 2015-08-10 15:21 - 2015-08-10 15:21 - 04072200 _____ C:\Users\xxx\Downloads\TeknoMW3_ServerTool_1.5.8_ServerMonitor_1.1.exe 2015-08-10 12:21 - 2015-08-10 12:21 - 00000000 ____D C:\Users\xxx\AppData\Local\IsolatedStorage 2015-08-09 02:01 - 2015-08-11 04:54 - 00000000 ____D C:\Users\xxx\.zenmap 2015-08-09 02:00 - 2015-08-09 02:00 - 00000000 ____D C:\Program Files\WinPcap 2015-08-09 01:59 - 2015-08-09 02:01 - 00000000 ____D C:\Program Files (x86)\Nmap 2015-08-09 01:58 - 2015-08-19 01:37 - 00000000 ____D C:\Users\xxx\AppData\Roaming\inkscape 2015-08-08 23:13 - 2015-08-08 23:13 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk 2015-08-08 23:09 - 2015-08-08 23:13 - 00000000 ____D C:\Program Files (x86)\Inkscape 2015-08-08 17:57 - 2015-08-08 17:57 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\6A4515E8.sys 2015-08-08 16:42 - 
2015-08-08 16:42 - 00000000 ____D C:\Program Files (x86)\Stardock 2015-08-08 16:15 - 2015-08-08 16:15 - 00000000 ____D C:\ProgramData\Stardock 2015-08-08 16:02 - 2015-08-08 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock 2015-08-08 16:02 - 2015-08-08 16:02 - 00000000 ____D C:\Users\xxx\AppData\Local\Stardock 2015-08-08 16:02 - 2015-08-08 16:02 - 00000000 ____D C:\Users\Public\Documents\Stardock 2015-08-08 15:43 - 2015-08-08 15:43 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry 2015-08-08 15:33 - 2015-08-08 15:33 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Purposeful Advice 2015-08-08 15:21 - 2015-08-08 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2015-08-08 15:20 - 2015-09-01 19:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-08-08 15:20 - 2015-08-08 15:20 - 00000000 ____D C:\Windows\ELAMBKUP 2015-08-08 15:20 - 2015-08-08 15:20 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2015-08-08 15:20 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2015-08-08 15:19 - 2015-08-08 15:55 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2015-08-08 15:19 - 2015-08-08 15:55 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2015-08-08 15:19 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys 2015-08-07 12:49 - 2015-08-07 13:35 - 00000000 ____D C:\Users\xxx\Documents\VirtualDJ 2015-08-07 12:49 - 2015-08-07 12:49 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2015-08-07 12:49 - 2015-08-07 12:49 - 00000000 ____D C:\Program Files (x86)\VirtualDJ 2015-08-04 17:16 - 2015-08-04 17:16 - 00000000 ____D C:\Users\xxx\AppData\Roaming\IrfanView ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner 
verschoben.) 2015-09-02 21:57 - 2015-06-21 18:51 - 00000000 ____D C:\AdwCleaner 2015-09-02 21:08 - 2013-02-27 00:40 - 01485463 _____ C:\Windows\WindowsUpdate.log 2015-09-01 20:30 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-09-01 20:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-01 20:00 - 2009-07-14 04:34 - 94371840 _____ C:\Windows\system32\config\software.bak 2015-09-01 20:00 - 2009-07-14 04:34 - 36962304 _____ C:\Windows\system32\config\system.bak 2015-09-01 20:00 - 2009-07-14 04:34 - 04718592 _____ C:\Windows\system32\config\default.bak 2015-09-01 20:00 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak 2015-09-01 20:00 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\sam.bak 2015-09-01 02:07 - 2009-07-14 06:45 - 00012288 _____ C:\Windows\system32\umstartup.etl 2015-09-01 01:11 - 2015-06-20 11:53 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc 2015-09-01 01:06 - 2015-07-13 02:40 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Skype 2015-09-01 01:06 - 2015-06-20 01:20 - 00000000 ____D C:\Users\xxx\AppData\Roaming\uTorrent 2015-08-31 03:49 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-31 03:49 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-31 03:48 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-31 03:10 - 2015-04-19 14:20 - 00000554 _____ C:\Users\xxx\AppData\Roaming\a55CxS51lp6oDbN 2015-08-31 03:07 - 2015-06-19 01:57 - 00000000 ____D C:\Users\xxx 2015-08-31 01:14 - 2015-06-19 21:46 - 00000000 ___RD C:\Users\xxx\Desktop\Stuff 2015-08-31 01:07 - 2015-06-20 16:40 - 00000000 ____D C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^ 2015-08-30 19:22 - 2015-07-18 20:02 - 00000000 ____D C:\Windows\Minidump 2015-08-30 13:54 - 2015-07-14 
20:56 - 00000000 ____D C:\Users\xxx\.VirtualBox 2015-08-29 06:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-08-29 03:56 - 2015-07-15 03:42 - 00000000 ____D C:\Program Files (x86)\7tsp 2015-08-29 03:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors 2015-08-29 03:12 - 2013-04-25 20:08 - 00000000 ____D C:\ProgramData\Skype 2015-08-26 20:40 - 2015-06-20 00:55 - 00000000 ____D C:\Users\xxx\AppData\Local\TeknoGods 2015-08-26 02:56 - 2011-04-12 09:43 - 00699666 _____ C:\Windows\system32\perfh007.dat 2015-08-26 02:56 - 2011-04-12 09:43 - 00149774 _____ C:\Windows\system32\perfc007.dat 2015-08-26 02:56 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-20 12:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2015-08-19 17:21 - 2015-06-19 01:58 - 00001421 _____ C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-18 19:57 - 2014-01-04 12:35 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-08-18 19:47 - 2015-07-13 18:34 - 00000000 ____D C:\Users\xxx\Documents\Visual Studio 2013 2015-08-18 09:13 - 2013-03-15 16:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-13 22:33 - 2009-07-14 06:45 - 04875472 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 05:37 - 2010-11-21 05:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2015-08-13 05:37 - 2009-07-14 01:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2015-08-13 05:37 - 2009-07-14 01:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll 2015-08-13 04:47 - 2015-06-21 05:23 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT 2015-08-10 23:21 - 2015-06-19 01:57 - 00000000 ____D C:\Users\xxx\AppData\Local\VirtualStore 2015-08-10 01:41 - 2015-06-20 07:22 - 00000000 ____D C:\Users\xxx\AppData\Local\Adobe 2015-08-10 01:41 - 2013-04-25 19:58 - 00778416 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-10 01:41 - 2013-04-25 19:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-08 14:06 - 2015-07-14 00:48 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2015-08-07 12:57 - 2015-06-20 23:34 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPUCooL ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-19 14:20 - 2015-08-31 03:10 - 0000554 _____ () C:\Users\xxx\AppData\Roaming\a55CxS51lp6oDbN 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\Users\xxx\AppData\Roaming\Sci-Fi 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\Users\xxx\AppData\Roaming\Screen Saver 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\Users\xxx\AppData\Roaming\Screen Savers 2015-08-19 22:03 - 2015-08-19 22:03 - 0000218 _____ () C:\Users\xxx\AppData\Local\recently-used.xbel 2015-06-21 13:09 - 2015-06-21 13:09 - 0007605 _____ () C:\Users\xxx\AppData\Local\Resmon.ResmonCfg 2015-06-21 05:23 - 2015-06-21 05:23 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT 2015-06-21 05:23 - 2015-08-13 04:47 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT 2015-06-21 05:23 - 2015-06-21 05:23 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\ProgramData\SingleFiles 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\ProgramData\Smooth Strings Einige Dateien in TEMP: ==================== C:\Users\xxx\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-04 02:09
==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von xxx (2015-09-02 22:12:57)
Gestartet von C:\Users\xxx\Desktop
Start-Modus: Safe Mode (with Networking)
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3674743092-987190976-2435912599-500 - Administrator - Disabled)
Gast (S-1-5-21-3674743092-987190976-2435912599-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3674743092-987190976-2435912599-1004 - Limited - Enabled)
xxx (S-1-5-21-3674743092-987190976-2435912599-1003 - Administrator - Enabled) => C:\Users\xxx
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) Age of Empires II HD The Forgotten (HKLM-x32\...\QWdlb2ZFbXBpcmVzSUlIRFRoZUZvcmdvdHRlbg==_is1) (Version: 1 - ) AMD Catalyst Install Manager (HKLM\...\{F856881A-D370-B1A7-2AFF-128F4AA93558}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.) 
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version: - ) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.) 
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - ) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) IsoBuster 3.6 (HKLM-x32\...\IsoBuster_is1) (Version: 3.6 - Smart Projects) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden Kaspersky Internet Security Technical Preview (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Kaspersky Internet Security Technical Preview (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden Mac OS X Cursors (HKLM-x32\...\48AEB547-6B1C-4CFC-957B-E11C22C8A25F) (Version: 1.1 - www.46palermo.com) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) 
(HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) 
(Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 
12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation) Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation) Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - ) Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla) Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - ) Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon) Nmap 6.49BETA4 (HKLM-x32\...\Nmap) (Version: - ) Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) OpenVPN 2.3.8-I601 (HKLM\...\OpenVPN) (Version: 2.3.8-I601 - ) Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden Premium Sound HD 
(HKLM\...\{439A73C2-8CFA-4630-8484-36BCA2AEBB0A}) (Version: 1.12.0300 - SRS Labs, Inc.) Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RawTherapee Version 4.1 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 4.1 - rawtherapee.com) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39013 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) Stardock CursorFX (HKLM-x32\...\CursorFX) (Version: 2.16 - Stardock Corporation) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.39.0 - Synaptics Incorporated) Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium) Tony Hawk's Pro Skater 2 (HKLM-x32\...\Activision_THPS2UninstallKey) (Version: - ) Tony Hawks Pro Skater 4 (HKLM-x32\...\{E0F07676-2C60-4465-A727-20DE3BFCABAC}) (Version: 1.00.0000 - Aspyr Media) TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.8 - TOSHIBA Corporation) TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation) 
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VirtualDJ 8 (HKLM-x32\...\{F7A68F9D-BBF0-48FF-B138-2EFB5165638C}) (Version: 8.0.2048.0 - Atomix Productions) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies) WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2015-09-01 20:03 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0BE85537-5689-4DEC-A3DC-38D5103862F5} - System32\Tasks\LoudProof => c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}\gamesetup.exe <==== ACHTUNG
Task: {1866A771-138D-42A2-A49E-75E52E7A73E2} - \Winsta Update -> Keine Datei <==== ACHTUNG
Task: {1EFEA92F-7139-4B35-90E8-A70F424EE846} - \avabvbavad -> Keine Datei <==== ACHTUNG
Task: {22479C06-B56A-465A-85A8-2023774CA229} - \AdobeAAMUpdater-1.0-Toshiba-xxx -> Keine Datei <==== ACHTUNG
Task: {3A062199-CB44-413C-8C4D-3B2D460E9169} - \DFOZSNJILP -> Keine Datei <==== ACHTUNG
Task: {43CDEEEB-2B15-4B93-A047-D0E04BEFB0D2} - \SmartWeb Upgrade Trigger Task -> Keine Datei <==== ACHTUNG
Task: {54A49564-469B-42CD-A0B6-D40B54CA3262} - \{F05C6774-D1E3-400A-BF54-41B6C72D18A2} -> Keine Datei <==== ACHTUNG
Task: {6B4F8AD2-B802-4DD1-B75C-64B14A7F8AA3} - \{FE848F92-98FB-4AE7-8ACF-723F8C49ACFA} -> Keine Datei <==== ACHTUNG
Task: {80B64C67-A468-4821-9528-DBCA0ED3D8E9} - \AlcoProof -> Keine Datei <==== ACHTUNG
Task: {92C91CDB-6A66-4AB3-A6C0-7469F499F2A5} - \{4F923200-1F8D-4530-B555-4126DD1B7551} -> Keine Datei <==== ACHTUNG
Task: {A252F268-C7A4-4D31-A02A-01313845B979} - \{6654E48F-0F72-403A-A2D3-22F84DE6DC43} -> Keine Datei <==== ACHTUNG
Task: {AAE6A730-1FD5-49F5-B490-24D0FB6DF6B9} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe
Task: {BD523089-A475-47B5-868E-191D7A91078C} - \Convertor -> Keine Datei <==== ACHTUNG
Task: {BF4E57C6-DED3-4243-BE72-8BC467A5D265} - \ProPCCleaner_Start -> Keine Datei <==== ACHTUNG
Task: {CAD68D5D-6CFD-45D5-94DC-BB00116DF5AB} - \{25059126-90E9-4B17-9F87-45C87C21A8BF} -> Keine Datei <==== ACHTUNG
Task: {CE157836-4F37-44AF-A43C-C1BA6D1B3BE9} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {F65255A3-6739-4815-B76A-B14C22706714} - \ProPCCleaner_Popup -> Keine Datei <==== ACHTUNG
Task: {F9E8E8DD-1416-49B9-A373-234659E52054} - \WinKit -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-15 16:54 - 2010-03-15 12:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2015-08-08 15:49 - 00642344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3674743092-987190976-2435912599-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: uTorrent => "C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{36ABEC21-9DD7-46E8-9301-5D9832FA730E}] => (Allow) D:\fsetup.exe FirewallRules: [{B3F3A5BB-EBC8-4F98-ACD7-775901BAC504}] => (Allow) D:\fsetup.exe FirewallRules: [{45A0FD38-AA1C-468C-97A9-BB8D075D1CF0}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4B91C244-BFCF-4105-AB92-3105FCC54DEF}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{51262CFC-2B09-43D4-AA0D-7048D55E967D}C:\users\xxx\downloads\call of duty 4 modern warfare pc game mp+sp ^^nosteam^^\cod 4 mw nosteam\call of duty modern warfare\iw3mp.exe] => (Allow) C:\users\xxx\downloads\call of duty 4 modern warfare pc game mp+sp ^^nosteam^^\cod 4 mw nosteam\call of duty modern warfare\iw3mp.exe FirewallRules: [UDP Query User{785320A8-E069-45C2-BEA7-374E181BB938}C:\users\xxx\downloads\call of duty 4 modern warfare pc game mp+sp ^^nosteam^^\cod 4 mw nosteam\call of duty modern warfare\iw3mp.exe] => (Allow) C:\users\xxx\downloads\call of duty 4 modern warfare pc game mp+sp ^^nosteam^^\cod 4 mw nosteam\call of duty modern warfare\iw3mp.exe FirewallRules: [{2E197BAE-B43D-438F-A225-E82C06D05C62}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{80CF83D1-137A-4B73-B0E2-B8144DEAE115}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{A6619785-6B07-45B6-BBC2-9B727B9A9AB7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{6ED4CCE1-D894-44D2-9D21-4E3B18927675}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{E5138510-1DB9-40B3-9EE0-30743DB5D929}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe 
FirewallRules: [UDP Query User{2323146B-4C05-4E27-A323-B27BE79F44E4}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe FirewallRules: [TCP Query User{B1A65DDC-92C9-423D-8FFC-E9670DC05F00}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5sp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5sp.exe FirewallRules: [UDP Query User{22967A10-0D0C-4741-A342-0D83868A3E6E}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5sp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5sp.exe FirewallRules: [TCP Query User{C880722B-09C0-4217-B3EB-79F56C04E71C}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe FirewallRules: [UDP Query User{D70ED170-912B-4D1C-99AD-9B12D521857C}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe FirewallRules: [{497EE9BC-A60B-4B3E-A440-60EF3303F308}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{825093BD-0672-4DFF-938D-4C9CA76C24AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7F00DF40-888A-4725-93B2-DEB85E8172C9}] => (Allow) C:\Program Files 
(x86)\Skype\Phone\Skype.exe FirewallRules: [{C6FAD05F-C0A4-4681-942E-39A1F8B9083D}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2014\Photoshop.exe FirewallRules: [{731B2CE8-7D4F-47A7-BA4F-9C7A36CDB395}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\Illustrator.exe FirewallRules: [{E554F616-7B31-48DD-AAEB-0C8D785A68D0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [{3BDA8E10-1023-4CB3-8DB1-D50F57A02816}] => (Allow) LPort=12292 FirewallRules: [{236EB115-21D8-4971-A061-7DEFC05B7B53}] => (Block) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [TCP Query User{2931ED1D-5C8F-4A63-AEF6-952E77B61DF7}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [UDP Query User{88B894C4-2526-4E62-9024-DFF041C8398C}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{CE079548-37AE-483A-96C3-02CC81C5C7B9}] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [{2D76FD69-F462-4E1A-8303-BFB313BDE304}] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe FirewallRules: [TCP Query User{8DCFE3FA-D354-461D-A2AF-2C2168AFB2D8}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe FirewallRules: [UDP Query User{E46597FF-5C8C-4605-8225-2770D387D793}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe FirewallRules: [{D4AE8432-96A3-4123-B9FA-049AE2C62F2D}] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe FirewallRules: [{0FFB9F8A-BE3B-4092-BA84-54AFFD838EB0}] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: VirtualBox 
Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Kommunikationscontroller (einfach) Description: PCI-Kommunikationscontroller (einfach) Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/02/2015 10:06:04 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\xxx\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c). Error: (09/02/2015 10:00:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/02/2015 09:52:38 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\msi.dll" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Windows-Explorer wurde wegen dieses Fehlers geschlossen. Programm: Windows-Explorer Datei: C:\Windows\System32\msi.dll Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. 
Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. 
Zusätzliche Daten Fehlerwert: C0000185 Datenträgertyp: 3 Error: (09/02/2015 09:52:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7a144 Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000006 Fehleroffset: 0x00000000000035e1 ID des fehlerhaften Prozesses: 0x158 Startzeit der fehlerhaften Anwendung: 0xExplorer.exe0 Pfad der fehlerhaften Anwendung: Explorer.exe1 Pfad des fehlerhaften Moduls: Explorer.exe2 Berichtskennung: Explorer.exe3 Error: (09/02/2015 09:09:24 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\msi.dll" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Windows-Explorer wurde wegen dieses Fehlers geschlossen. Programm: Windows-Explorer Datei: C:\Windows\System32\msi.dll Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". 
Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: C0000185 Datenträgertyp: 3 Error: (09/02/2015 09:09:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7a144 Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000006 Fehleroffset: 0x00000000000035e1 ID des fehlerhaften Prozesses: 0x6e4 Startzeit der fehlerhaften Anwendung: 0xExplorer.exe0 Pfad der fehlerhaften Anwendung: Explorer.exe1 Pfad des fehlerhaften Moduls: Explorer.exe2 Berichtskennung: Explorer.exe3 Error: (09/02/2015 09:07:15 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\msi.dll" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Windows-Explorer wurde wegen dieses Fehlers geschlossen. Programm: Windows-Explorer Datei: C:\Windows\System32\msi.dll Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. 
Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. 
Zusätzliche Daten Fehlerwert: C0000185 Datenträgertyp: 3 Error: (09/02/2015 09:07:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7a144 Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000006 Fehleroffset: 0x00000000000035e1 ID des fehlerhaften Prozesses: 0x5d4 Startzeit der fehlerhaften Anwendung: 0xExplorer.exe0 Pfad der fehlerhaften Anwendung: Explorer.exe1 Pfad des fehlerhaften Moduls: Explorer.exe2 Berichtskennung: Explorer.exe3 Error: (09/02/2015 09:06:06 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\msi.dll" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm Windows-Explorer wurde wegen dieses Fehlers geschlossen. Programm: Windows-Explorer Datei: C:\Windows\System32\msi.dll Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". 
Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: C0000185 Datenträgertyp: 3 Error: (09/02/2015 09:06:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7a144 Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f Ausnahmecode: 0xc0000006 Fehleroffset: 0x00000000000035e1 ID des fehlerhaften Prozesses: 0x564 Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0 Pfad der fehlerhaften Anwendung: Explorer.EXE1 Pfad des fehlerhaften Moduls: Explorer.EXE2 Berichtskennung: Explorer.EXE3 Systemfehler: ============= Error: (09/02/2015 10:11:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/02/2015 10:11:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/02/2015 10:11:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/02/2015 10:11:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der 
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/02/2015 10:11:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/02/2015 10:11:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/02/2015 10:09:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/02/2015 10:09:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/02/2015 10:09:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/02/2015 10:06:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Microsoft Office: ========================= Error: (09/02/2015 10:06:04 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: C:\Users\xxx\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"JRT Pre-Junkware Removal0x8007043c Error: (09/02/2015 10:00:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/02/2015 09:52:38 PM) (Source: Application Error) (EventID: 
1005) (User: ) Description: C:\Windows\System32\msi.dllWindows-ExplorerC00001853 Error: (09/02/2015 09:52:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.exe6.1.7601.175144ce7a144msvcrt.dll7.0.7601.177444eeb033fc000000600000000000035e115801d0e5b2fbbbae0bC:\Windows\Explorer.exeC:\Windows\system32\msvcrt.dll2955f00f-51ac-11e5-a04a-120014b75867 Error: (09/02/2015 09:09:24 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: C:\Windows\System32\msi.dllWindows-ExplorerC00001853 Error: (09/02/2015 09:09:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.exe6.1.7601.175144ce7a144msvcrt.dll7.0.7601.177444eeb033fc000000600000000000035e16e401d0e5b2b25c2379C:\Windows\Explorer.exeC:\Windows\system32\msvcrt.dll1ef40e00-51a6-11e5-a04a-120014b75867 Error: (09/02/2015 09:07:15 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: C:\Windows\System32\msi.dllWindows-ExplorerC00001853 Error: (09/02/2015 09:07:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.exe6.1.7601.175144ce7a144msvcrt.dll7.0.7601.177444eeb033fc000000600000000000035e15d401d0e5b272a36d43C:\Windows\Explorer.exeC:\Windows\system32\msvcrt.dlld2346fea-51a5-11e5-a04a-120014b75867 Error: (09/02/2015 09:06:06 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: C:\Windows\System32\msi.dllWindows-ExplorerC00001853 Error: (09/02/2015 09:06:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Explorer.EXE6.1.7601.175144ce7a144msvcrt.dll7.0.7601.177444eeb033fc000000600000000000035e156401d0e5b0817f7af2C:\Windows\Explorer.EXEC:\Windows\system32\msvcrt.dlla964f858-51a5-11e5-a04a-120014b75867 CodeIntegrity: =================================== Date: 2015-09-01 19:59:56.560 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-09-01 19:59:56.544 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-08-29 02:11:15.495 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-29 02:10:54.033 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-29 02:09:09.592 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sfc_os.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-08-29 02:08:56.022 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 8154.8 MB
Verfügbarer physikalischer RAM: 6788.78 MB
Summe virtueller Speicher: 16307.79 MB
Verfügbarer virtueller Speicher: 14994.38 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:590.21 GB) NTFS
Drive z: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0167643A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
03.09.2015, 18:14 | #10 |
/// the machine /// TB Trainer
AdwCleaner again, this time let it delete as well.
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate, Guides and help, Trojaner-Board Facebook page. No help via PM!
03.09.2015, 20:21 | #11 |
Good evening, the PC is already running considerably more stably... MANY THANKS ALREADY!!!!! I ran the ESET scanner first, then AdwCleaner... here are the log files: ADWCLEANER LOG: Code:
# AdwCleaner v5.005 - Bericht erstellt am 03/09/2015 um 19:33:22
# Aktualisiert am 31/08/2015 von Xplode
# Datenbank : 2015-08-31.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : xxx - XXX
# Gestartet von : C:\Users\xxx\Desktop\AdwCleaner_5.005.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[S23].txt - [602 Bytes] ##########

Code:
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll.vir Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.pun.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\RN32.dll.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPtool64.exe.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32.dll.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64.dll.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll.vir Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir Variante von Win32/Conduit.SearchProtect.Y evtl. unerwünschte Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\Call of Duty Modern Warfare 3\multi-player.exe Variante von Win32/Packed.VMProtect.ABO Trojaner gelöscht - in Quarantäne kopiert
C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\COD-MW3_update_2.7.3.7_V2.exe Variante von Win32/Packed.VMProtect.ABO Trojaner gelöscht - in Quarantäne kopiert
C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\cclient_2.7.3.7\TeknoMW3.dll Variante von Win32/Packed.VMProtect.ABO Trojaner Gesäubert durch Löschen - in Quarantäne kopiert
C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^\TEKNOMW3FILES\client_2.7.3.7\TeknoMW3.dll Variante von Win32/Packed.VMProtect.ABO Trojaner Gesäubert durch Löschen - in Quarantäne kopiert

Code:
 Results of screen317's Security Check version 1.008
 Windows 7 Service Pack 1 x64 (UAC is enabled)
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
Kaspersky Internet Security
 Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 51
 JavaScript Tooling
 Visual Studio Extensions for Windows Library for JavaScript
 Java version 32-bit out of Date!
 Adobe Flash Player 18.0.0.209
 Adobe Reader XI
 Mozilla Firefox (40.0.3)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015 durchgeführt von xxx (Administrator) auf XXX (03-09-2015 19:41:02) Gestartet von C:\Users\xxx\Desktop Geladene Profile: xxx (Verfügbare Profile: xxx) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: FF) Start-Modus: Safe Mode (with Networking) Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867984 2011-12-22] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (Der Dateneintrag hat 36 mehr Zeichen). HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-20] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [bdruninstaller] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"setupdownloader.exe" /args:"/token:64b /after_restart" HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\Run: [uTorrent] => "C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6EF27CF9-2594-4B68-8B80-9276E723E19E}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8541C6AF-41FF-4C87-A65C-38721CCEE50C}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{FD42EE94-C8AB-4635-97A2-B585F803CAB0}: [DhcpNameServer] 193.189.244.206 193.189.244.225 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3674743092-987190976-2435912599-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-08] (Kaspersky Lab ZAO) BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky 
Internet Security Technical Preview 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-08] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-29] (Oracle Corporation) BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-29] (Oracle Corporation) BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab FireFox: ======== 
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833 FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-08-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-08-10] () FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [Keine Datei] FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-29] (Oracle Corporation) FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com [2015-08-08] () FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com [2015-08-30] () FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-08-08] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: 
@tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-18] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-12-18] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-12-18] (Apple Inc.) 
FF Extension: YouTube Unblocker - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\youtubeunblocker@unblocker.yt [2015-08-06] FF Extension: Flashblock - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2015-08-05] FF Extension: Adblock Plus Pop-up Addon - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\adblockpopups@jessehakanen.net.xpi [2015-08-19] FF Extension: Ghostery - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\firefox@ghostery.com.xpi [2015-08-08] FF Extension: Stop YouTube Autoplay - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\jid0-Pm0nbsggUvL00CBoW6YwCaqv8bk@jetpack.xpi [2015-08-17] FF Extension: NoScript - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-08-08] FF Extension: Adblock Plus - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\ks5t7hh7.default-1435098893833\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-24] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com [2015-08-08] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-08-08] FF 
HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\url_advisor@kaspersky.com [2015-08-08] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\anti_banner@kaspersky.com [2015-08-08] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com [2015-08-08] Chrome: ======= CHR dev: Chrome dev build erkannt! <======= ACHTUNG CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation) S2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] () [Datei ist nicht signiert] S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert] S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-08-30] (SurfRight B.V.) S2 i2p; C:\Program Files (x86)\i2p\I2Psvc.exe [389632 2015-08-11] (Tanuki Software, Ltd.) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2015-08-04] (The OpenVPN Project) S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-06-20] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert] S2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-08-13] (Microsoft Corporation) [Datei ist nicht signiert] S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X] ===================== 
Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-08-08] (Kaspersky Lab ZAO) S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO) S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-08-08] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO) S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO) S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO) S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO) S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-03] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Datei ist nicht signiert] S1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] () R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2011-12-22] (Synaptics Incorporated) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) 
[Datei ist nicht signiert] S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-07-09] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146072 2015-07-09] (Oracle Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 taphss6; system32\DRIVERS\taphss6.sys [X] S2 uxstyle; \??\C:\Windows\system32\Drivers\uxstyle.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-03 19:41 - 2015-09-03 19:41 - 00019136 _____ C:\Users\xxx\Desktop\FRST.txt 2015-09-03 19:19 - 2015-09-03 19:19 - 00852704 _____ C:\Users\xxx\Desktop\SecurityCheck.exe 2015-09-03 19:01 - 2015-09-03 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-09-03 14:11 - 2015-09-03 14:11 - 00006742 _____ C:\Users\xxx\Desktop\eset.txt 2015-09-03 11:52 - 2015-09-03 11:52 - 00000000 ____D C:\Program Files (x86)\ESET 2015-09-02 23:46 - 2015-09-02 23:46 - 00002486 _____ C:\Users\xxx\Desktop\mbam-log-2015-09-02 (23-38-40).xml 2015-09-02 23:37 - 2015-09-02 23:37 - 00000669 _____ C:\Users\xxx\Desktop\JRT.txt 2015-09-02 23:24 - 2015-09-02 23:25 - 00000000 ____D C:\Users\xxx\Desktop\2 2015-09-02 22:11 - 2015-09-02 22:11 - 00000000 ____D C:\Users\xxx\Desktop\FRST-OlderVersion 2015-09-02 22:05 - 2015-09-02 22:05 - 01799392 _____ (Malwarebytes Corporation) C:\Users\xxx\Downloads\JRT(1).exe 2015-09-02 22:05 - 2015-09-02 22:05 - 01799392 _____ (Malwarebytes Corporation) C:\Users\xxx\Desktop\JRT(1).exe 2015-09-02 21:17 - 2015-09-02 21:18 - 01654272 _____ C:\Users\xxx\Desktop\AdwCleaner_5.005.exe 2015-09-02 21:11 - 2015-09-03 17:02 - 00113880 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-02 21:11 - 2015-09-02 21:11 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-02 21:11 - 2015-09-02 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-02 21:11 - 2015-09-02 21:11 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-02 21:11 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-02 21:11 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-02 21:11 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-02 21:00 - 2015-09-02 21:02 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\xxx\Downloads\mbam-setup-2.1.8.1057.exe 2015-09-01 20:32 - 2015-09-01 20:32 - 00030733 _____ C:\ComboFix.txt 2015-09-01 19:51 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-09-01 19:51 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-09-01 19:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-09-01 19:51 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-09-01 19:42 - 2015-09-01 20:32 - 00000000 ____D C:\Qoobox 2015-09-01 19:42 - 2015-09-01 20:31 - 00000000 ____D C:\Windows\erdnt 2015-09-01 19:23 - 2015-09-01 19:23 - 05635829 _____ (Swearware) C:\Users\xxx\Downloads\ComboFix(1).exe 2015-09-01 19:22 - 2015-09-01 19:22 - 05635829 ____R (Swearware) C:\Users\xxx\Desktop\ComboFix.exe 2015-09-01 10:11 - 2015-09-01 10:11 - 04404952 _____ (Kaspersky Lab ZAO) 
C:\Users\xxx\Desktop\tdsskiller.exe 2015-09-01 09:58 - 2015-09-01 10:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-01 09:56 - 2015-09-01 10:52 - 00000000 ____D C:\Users\xxx\Desktop\mbar 2015-09-01 09:55 - 2015-09-01 09:55 - 16563304 _____ (Malwarebytes Corp.) C:\Users\xxx\Desktop\mbar-1.09.2.1008.exe 2015-09-01 03:29 - 2015-09-03 18:45 - 00000000 ____D C:\Users\xxx\Desktop\1 2015-09-01 02:38 - 2015-09-01 02:38 - 00000000 ____D C:\ProgramData\Hotspot Shield 2015-09-01 00:56 - 2015-09-01 00:43 - 01799392 _____ (Malwarebytes Corporation) C:\Users\xxx\Desktop\JRT.exe 2015-09-01 00:51 - 2015-09-01 00:55 - 01798640 _____ (Malwarebytes Corporation) C:\Users\xxx\Downloads\JRT.exe 2015-08-31 23:27 - 2015-09-01 00:17 - 00113536 _____ C:\tb.txt 2015-08-31 03:21 - 2015-09-03 19:41 - 00000000 ____D C:\FRST 2015-08-31 03:07 - 2015-08-31 03:07 - 00000000 _____ C:\Users\xxx\defogger_reenable 2015-08-31 02:25 - 2015-08-31 02:25 - 00380416 _____ C:\Users\xxx\Desktop\9ie9fcez.exe 2015-08-31 02:22 - 2015-09-02 22:11 - 02188800 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe 2015-08-31 02:15 - 2015-08-31 02:15 - 00050477 _____ C:\Users\xxx\Desktop\Defogger.exe 2015-08-31 01:47 - 2015-08-31 01:47 - 02870984 _____ (ESET) C:\Users\xxx\Desktop\esetsmartinstaller_deu.exe 2015-08-31 00:17 - 2015-08-31 00:17 - 00003360 ____N C:\bootsqm.dat 2015-08-30 23:20 - 2015-08-30 23:20 - 00008754 _____ C:\HitmanPro_20150830_2320.log 2015-08-30 21:55 - 2015-08-30 23:19 - 00000640 _____ C:\Windows\system32\.crusader 2015-08-30 21:44 - 2015-08-30 21:44 - 00001905 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2015-08-30 21:44 - 2015-08-30 21:44 - 00000000 ____D C:\Program Files\HitmanPro 2015-08-30 21:41 - 2015-08-30 21:43 - 11352032 _____ (SurfRight B.V.) 
C:\Users\xxx\Downloads\HitmanPro_x64.exe 2015-08-30 21:40 - 2015-08-30 21:56 - 00000000 ____D C:\ProgramData\HitmanPro 2015-08-30 19:22 - 2015-08-30 19:22 - 00299544 _____ C:\Windows\Minidump\083015-20280-01.dmp 2015-08-29 01:34 - 2015-08-29 01:34 - 00332344 _____ C:\Windows\Minidump\082915-32900-01.dmp 2015-08-29 01:33 - 2015-08-30 19:22 - 487727759 _____ C:\Windows\MEMORY.DMP 2015-08-28 23:21 - 2015-08-29 00:38 - 00000000 ____D C:\Users\xxx\Downloads\MW3 ChromatiX 2015-08-27 23:12 - 2015-08-27 23:12 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2B0C5369.sys 2015-08-25 23:16 - 2015-08-25 23:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\61973A00.sys 2015-08-20 01:32 - 2015-08-20 01:33 - 00000000 ____D C:\Users\xxx\Desktop\Games 2015-08-19 22:03 - 2015-08-19 22:03 - 00000218 _____ C:\Users\xxx\AppData\Local\recently-used.xbel 2015-08-19 18:04 - 2015-08-19 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr 2015-08-19 18:02 - 2015-08-19 18:02 - 00000000 ____D C:\Program Files (x86)\Aspyr 2015-08-19 11:52 - 2015-08-19 11:52 - 00003236 _____ C:\Windows\System32\Tasks\LoudProof 2015-08-19 11:22 - 2015-08-26 23:07 - 00000000 ____D C:\Users\xxx\AppData\Local\NFS Underground 2 2015-08-19 11:17 - 2015-08-19 11:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES 2015-08-19 11:15 - 2015-08-19 11:15 - 00000000 ____D C:\Program Files (x86)\EA GAMES 2015-08-19 11:07 - 2015-08-31 01:05 - 00000000 ____D C:\Users\xxx\Downloads\nfsu2 2015-08-19 02:14 - 2015-08-19 02:14 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade 2015-08-19 01:53 - 2015-08-19 11:22 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-08-19 01:49 - 2015-08-19 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision 2015-08-19 01:49 - 2015-08-19 01:49 - 00000000 ____D C:\Program Files (x86)\Activision 2015-08-19 01:44 - 
2015-08-19 01:44 - 00000000 ____D C:\ProgramData\Steam 2015-08-19 01:39 - 2015-08-19 17:50 - 00000000 ____D C:\Program Files (x86)\Age of Empires II HD The Forgotten 2015-08-18 19:46 - 2015-08-18 19:47 - 65444688 _____ (Microsoft Corporation) C:\Users\xxx\Downloads\NDP46-KB3045557-x86-x64-AllOS-ENU.exe 2015-08-18 19:43 - 2015-08-18 20:01 - 00037993 _____ C:\Users\xxx\Documents\Unbenannt1.cpp 2015-08-18 16:31 - 2015-08-18 16:31 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Dev-Cpp 2015-08-18 13:17 - 2015-08-18 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++ 2015-08-18 13:16 - 2015-08-18 13:16 - 00000000 ____D C:\Users\xxx\Desktop\Dev-Cpp 2015-08-13 10:08 - 2015-08-13 22:35 - 00003234 _____ C:\Windows\System32\Tasks\SidebarExecute 2015-08-13 06:11 - 2015-08-13 06:11 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\0CCB001E.sys 2015-08-13 05:59 - 2015-08-13 05:59 - 00000000 ____D C:\Users\xxx\Downloads\7tsp_Vs_se7en_Pack 2015-08-13 05:46 - 2015-08-13 06:06 - 00000000 ____D C:\Windows\system32\Taskman 2015-08-13 04:36 - 2015-08-13 04:36 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Windows SideBar 2015-08-13 04:31 - 2015-08-13 05:07 - 00000000 ____D C:\Gadgets 2015-08-13 03:55 - 2015-08-19 10:50 - 00003902 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8E1BA6FC-3CD5-40FE-A806-F7D9A8078D70} 2015-08-13 00:04 - 2015-08-13 03:34 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\22116713.sys 2015-08-12 17:02 - 2015-08-12 17:02 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7ED024B6.sys 2015-08-12 17:00 - 2015-08-12 17:00 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\1B282295.sys 2015-08-12 16:13 - 2015-08-12 16:13 - 00000000 ____D C:\Windows\SysWOW64\Hotspot Shield 2015-08-12 16:10 - 2015-08-12 16:10 - 00262144 _____ C:\Windows\system32\config\elam 2015-08-11 10:28 - 2015-09-03 16:42 - 00003642 _____ 
C:\Windows\setupact.log 2015-08-11 10:28 - 2015-08-11 10:28 - 00000000 _____ C:\Windows\setuperr.log 2015-08-11 10:27 - 2015-09-02 21:58 - 00068158 _____ C:\Windows\PFRO.log 2015-08-11 03:22 - 2015-08-11 03:22 - 00032178 _____ C:\Users\xxx\Documents\cc_20150811_032249.reg 2015-08-11 02:34 - 2015-08-11 02:34 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\I2P 2015-08-11 01:30 - 2015-09-03 16:30 - 00000000 ____D C:\ProgramData\i2p 2015-08-11 01:18 - 2015-08-30 19:26 - 00000000 ____D C:\Program Files (x86)\i2p 2015-08-11 01:18 - 2015-08-11 01:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I2P 2015-08-10 23:03 - 2015-08-11 03:18 - 00000000 ____D C:\Program Files (x86)\Tor Browser 2015-08-10 22:40 - 2015-08-10 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN 2015-08-10 22:40 - 2015-08-10 22:41 - 00000000 ____D C:\Program Files\OpenVPN 2015-08-10 15:21 - 2015-08-10 15:21 - 04072200 _____ C:\Users\xxx\Downloads\TeknoMW3_ServerTool_1.5.8_ServerMonitor_1.1.exe 2015-08-10 12:21 - 2015-08-10 12:21 - 00000000 ____D C:\Users\xxx\AppData\Local\IsolatedStorage 2015-08-09 02:01 - 2015-08-11 04:54 - 00000000 ____D C:\Users\xxx\.zenmap 2015-08-09 02:00 - 2015-08-09 02:00 - 00000000 ____D C:\Program Files\WinPcap 2015-08-09 01:59 - 2015-08-09 02:01 - 00000000 ____D C:\Program Files (x86)\Nmap 2015-08-09 01:58 - 2015-08-19 01:37 - 00000000 ____D C:\Users\xxx\AppData\Roaming\inkscape 2015-08-08 23:13 - 2015-08-08 23:13 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk 2015-08-08 23:09 - 2015-08-08 23:13 - 00000000 ____D C:\Program Files (x86)\Inkscape 2015-08-08 17:57 - 2015-08-08 17:57 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\6A4515E8.sys 2015-08-08 16:42 - 2015-08-08 16:42 - 00000000 ____D C:\Program Files (x86)\Stardock 2015-08-08 16:15 - 2015-08-08 16:15 - 00000000 ____D C:\ProgramData\Stardock 2015-08-08 16:02 - 2015-08-08 
16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock 2015-08-08 16:02 - 2015-08-08 16:02 - 00000000 ____D C:\Users\xxx\AppData\Local\Stardock 2015-08-08 16:02 - 2015-08-08 16:02 - 00000000 ____D C:\Users\Public\Documents\Stardock 2015-08-08 15:43 - 2015-08-08 15:43 - 00000000 ___HD C:\Program Files (x86)\InstallJammer Registry 2015-08-08 15:33 - 2015-08-08 15:33 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Purposeful Advice 2015-08-08 15:21 - 2015-08-08 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2015-08-08 15:20 - 2015-09-03 00:38 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-08-08 15:20 - 2015-08-08 15:20 - 00000000 ____D C:\Windows\ELAMBKUP 2015-08-08 15:20 - 2015-08-08 15:20 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2015-08-08 15:20 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2015-08-08 15:19 - 2015-08-08 15:55 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2015-08-08 15:19 - 2015-08-08 15:55 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2015-08-08 15:19 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys 2015-08-07 12:49 - 2015-08-07 13:35 - 00000000 ____D C:\Users\xxx\Documents\VirtualDJ 2015-08-07 12:49 - 2015-08-07 12:49 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2015-08-07 12:49 - 2015-08-07 12:49 - 00000000 ____D C:\Program Files (x86)\VirtualDJ 2015-08-04 17:16 - 2015-08-04 17:16 - 00000000 ____D C:\Users\xxx\AppData\Roaming\IrfanView ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-03 19:33 - 2015-06-21 18:51 - 00000000 ____D C:\AdwCleaner 2015-09-03 19:01 - 2013-03-15 16:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-03 17:52 - 2013-02-27 00:40 - 01500966 _____ C:\Windows\WindowsUpdate.log 2015-09-03 17:51 - 2015-06-20 11:53 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc 2015-09-03 16:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-03 00:12 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-03 00:12 - 2009-07-14 06:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-01 20:30 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-09-01 20:00 - 2009-07-14 04:34 - 94371840 _____ C:\Windows\system32\config\software.bak 2015-09-01 20:00 - 2009-07-14 04:34 - 36962304 _____ C:\Windows\system32\config\system.bak 2015-09-01 20:00 - 2009-07-14 04:34 - 04718592 _____ C:\Windows\system32\config\default.bak 2015-09-01 20:00 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak 2015-09-01 20:00 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\sam.bak 2015-09-01 02:07 - 2009-07-14 06:45 - 00012288 _____ C:\Windows\system32\umstartup.etl 2015-08-31 03:48 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-31 03:10 - 2015-04-19 14:20 - 00000554 _____ C:\Users\xxx\AppData\Roaming\a55CxS51lp6oDbN 2015-08-31 03:07 - 2015-06-19 01:57 - 00000000 ____D C:\Users\xxx 2015-08-31 01:14 - 2015-06-19 21:46 - 00000000 ___RD C:\Users\xxx\Desktop\Stuff 2015-08-31 01:07 - 2015-06-20 16:40 - 00000000 ____D C:\Users\xxx\Downloads\Call of Duty Modern Warfare 3 full multiplayer + SP ^^nosTEAM^^ 2015-08-30 19:22 - 2015-07-18 20:02 - 00000000 ____D C:\Windows\Minidump 2015-08-30 13:54 - 2015-07-14 20:56 - 00000000 ____D C:\Users\xxx\.VirtualBox 2015-08-29 06:08 - 2009-07-14 05:20 - 
00000000 ____D C:\Windows\system32\NDF 2015-08-29 03:56 - 2015-07-15 03:42 - 00000000 ____D C:\Program Files (x86)\7tsp 2015-08-29 03:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Cursors 2015-08-29 03:12 - 2013-04-25 20:08 - 00000000 ____D C:\ProgramData\Skype 2015-08-26 20:40 - 2015-06-20 00:55 - 00000000 ____D C:\Users\xxx\AppData\Local\TeknoGods 2015-08-26 02:56 - 2011-04-12 09:43 - 00699666 _____ C:\Windows\system32\perfh007.dat 2015-08-26 02:56 - 2011-04-12 09:43 - 00149774 _____ C:\Windows\system32\perfc007.dat 2015-08-26 02:56 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-20 12:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2015-08-19 17:21 - 2015-06-19 01:58 - 00001421 _____ C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-18 19:57 - 2014-01-04 12:35 - 01594892 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-08-18 19:47 - 2015-07-13 18:34 - 00000000 ____D C:\Users\xxx\Documents\Visual Studio 2013 2015-08-13 22:33 - 2009-07-14 06:45 - 04875472 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-13 05:37 - 2010-11-21 05:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2015-08-13 05:37 - 2009-07-14 01:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2015-08-13 05:37 - 2009-07-14 01:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll 2015-08-13 04:47 - 2015-06-21 05:23 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT 2015-08-10 23:21 - 2015-06-19 01:57 - 00000000 ____D C:\Users\xxx\AppData\Local\VirtualStore 2015-08-10 01:41 - 2015-06-20 07:22 - 00000000 ____D C:\Users\xxx\AppData\Local\Adobe 2015-08-10 01:41 - 2013-04-25 19:58 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-10 01:41 - 2013-04-25 19:58 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-08 14:06 - 2015-07-14 00:48 - 00000000 
____D C:\Program Files\Common Files\Bitdefender 2015-08-07 12:57 - 2015-06-20 23:34 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPUCooL ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-19 14:20 - 2015-08-31 03:10 - 0000554 _____ () C:\Users\xxx\AppData\Roaming\a55CxS51lp6oDbN 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\Users\xxx\AppData\Roaming\Sci-Fi 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\Users\xxx\AppData\Roaming\Screen Saver 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\Users\xxx\AppData\Roaming\Screen Savers 2015-08-19 22:03 - 2015-08-19 22:03 - 0000218 _____ () C:\Users\xxx\AppData\Local\recently-used.xbel 2015-06-21 13:09 - 2015-06-21 13:09 - 0007605 _____ () C:\Users\xxx\AppData\Local\Resmon.ResmonCfg 2015-06-21 05:23 - 2015-06-21 05:23 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT 2015-06-21 05:23 - 2015-08-13 04:47 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT 2015-06-21 05:23 - 2015-06-21 05:23 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\ProgramData\SingleFiles 2015-06-21 05:23 - 2015-06-21 05:23 - 0000268 ___RH () C:\ProgramData\Smooth Strings ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-08-04 02:09

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von xxx (2015-09-03 19:42:08)
Gestartet von C:\Users\xxx\Desktop
Start-Modus: Safe Mode (with Networking)
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-3674743092-987190976-2435912599-500 - Administrator - Disabled)
Gast (S-1-5-21-3674743092-987190976-2435912599-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3674743092-987190976-2435912599-1004 - Limited - Enabled)
xxx (S-1-5-21-3674743092-987190976-2435912599-1003 - Administrator - Enabled) => C:\Users\xxx

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
µTorrent (HKU\S-1-5-21-3674743092-987190976-2435912599-1003\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Reader XI - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) Age of Empires II HD The Forgotten (HKLM-x32\...\QWdlb2ZFbXBpcmVzSUlIRFRoZUZvcmdvdHRlbg==_is1) (Version: 1 - ) AMD Catalyst Install Manager (HKLM\...\{F856881A-D370-B1A7-2AFF-128F4AA93558}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.12.13 - Atheros Communications Inc.) 
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version: - ) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.) 
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - ) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) IsoBuster 3.6 (HKLM-x32\...\IsoBuster_is1) (Version: 3.6 - Smart Projects) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden Kaspersky Internet Security Technical Preview (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab) Kaspersky Internet Security Technical Preview (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden Mac OS X Cursors (HKLM-x32\...\48AEB547-6B1C-4CFC-957B-E11C22C8A25F) (Version: 1.1 - www.46palermo.com) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) 
(HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) 
(Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.1.3 (HKLM-x32\...\{DE46417A-9E9E-4BCD-BBDD-DA21943193BB}_is1) (Version: 1.1.3 - )
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nmap 6.49BETA4 (HKLM-x32\...\Nmap) (Version: - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.8-I601 (HKLM\...\OpenVPN) (Version: 2.3.8-I601 - )
Oracle VM VirtualBox 5.0.0 (HKLM\...\{FCD0B365-2189-45F3-9AF2-2BCED86C121A}) (Version: 5.0.0 - Oracle Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Premium Sound HD (HKLM\...\{439A73C2-8CFA-4630-8484-36BCA2AEBB0A}) (Version: 1.12.0300 - SRS Labs, Inc.)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RawTherapee Version 4.1 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 4.1 - rawtherapee.com)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7601.39013 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Stardock CursorFX (HKLM-x32\...\CursorFX) (Version: 2.16 - Stardock Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.39.0 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
Tony Hawk's Pro Skater 2 (HKLM-x32\...\Activision_THPS2UninstallKey) (Version: - )
Tony Hawks Pro Skater 4 (HKLM-x32\...\{E0F07676-2C60-4465-A727-20DE3BFCABAC}) (Version: 1.00.0000 - Aspyr Media)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.8 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VirtualDJ 8 (HKLM-x32\...\{F7A68F9D-BBF0-48FF-B138-2EFB5165638C}) (Version: 8.0.2048.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-09-01 20:03 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0BE85537-5689-4DEC-A3DC-38D5103862F5} - System32\Tasks\LoudProof => c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}\gamesetup.exe <==== ACHTUNG
Task: {1866A771-138D-42A2-A49E-75E52E7A73E2} - \Winsta Update -> Keine Datei <==== ACHTUNG
Task: {1EFEA92F-7139-4B35-90E8-A70F424EE846} - \avabvbavad -> Keine Datei <==== ACHTUNG
Task: {22479C06-B56A-465A-85A8-2023774CA229} - \AdobeAAMUpdater-1.0-Toshiba-xxx -> Keine Datei <==== ACHTUNG
Task: {3A062199-CB44-413C-8C4D-3B2D460E9169} - \DFOZSNJILP -> Keine Datei <==== ACHTUNG
Task: {43CDEEEB-2B15-4B93-A047-D0E04BEFB0D2} - \SmartWeb Upgrade Trigger Task -> Keine Datei <==== ACHTUNG
Task: {54A49564-469B-42CD-A0B6-D40B54CA3262} - \{F05C6774-D1E3-400A-BF54-41B6C72D18A2} -> Keine Datei <==== ACHTUNG
Task: {6B4F8AD2-B802-4DD1-B75C-64B14A7F8AA3} - \{FE848F92-98FB-4AE7-8ACF-723F8C49ACFA} -> Keine Datei <==== ACHTUNG
Task: {80B64C67-A468-4821-9528-DBCA0ED3D8E9} - \AlcoProof -> Keine Datei <==== ACHTUNG
Task: {92C91CDB-6A66-4AB3-A6C0-7469F499F2A5} - \{4F923200-1F8D-4530-B555-4126DD1B7551} -> Keine Datei <==== ACHTUNG
Task: {A252F268-C7A4-4D31-A02A-01313845B979} - \{6654E48F-0F72-403A-A2D3-22F84DE6DC43} -> Keine Datei <==== ACHTUNG
Task: {AAE6A730-1FD5-49F5-B490-24D0FB6DF6B9} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe
Task: {BD523089-A475-47B5-868E-191D7A91078C} - \Convertor -> Keine Datei <==== ACHTUNG
Task: {BF4E57C6-DED3-4243-BE72-8BC467A5D265} - \ProPCCleaner_Start -> Keine Datei <==== ACHTUNG
Task: {CAD68D5D-6CFD-45D5-94DC-BB00116DF5AB} - \{25059126-90E9-4B17-9F87-45C87C21A8BF} -> Keine Datei <==== ACHTUNG
Task: {CE157836-4F37-44AF-A43C-C1BA6D1B3BE9} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {F65255A3-6739-4815-B76A-B14C22706714} - \ProPCCleaner_Popup -> Keine Datei <==== ACHTUNG
Task: {F9E8E8DD-1416-49B9-A373-234659E52054} - \WinKit -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-15 16:54 - 2010-03-15 12:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2015-08-08 15:49 - 00642344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security Technical Preview 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3674743092-987190976-2435912599-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: uTorrent => "C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{36ABEC21-9DD7-46E8-9301-5D9832FA730E}] => (Allow) D:\fsetup.exe
FirewallRules: [{B3F3A5BB-EBC8-4F98-ACD7-775901BAC504}] => (Allow) D:\fsetup.exe
FirewallRules: [{45A0FD38-AA1C-468C-97A9-BB8D075D1CF0}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4B91C244-BFCF-4105-AB92-3105FCC54DEF}] => (Allow) C:\Users\xxx\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{51262CFC-2B09-43D4-AA0D-7048D55E967D}C:\users\xxx\downloads\call of duty 4 modern warfare pc game mp+sp ^^nosteam^^\cod 4 mw nosteam\call of duty modern warfare\iw3mp.exe] => (Allow) C:\users\xxx\downloads\call of duty 4 modern warfare pc game mp+sp ^^nosteam^^\cod 4 mw nosteam\call of duty modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{785320A8-E069-45C2-BEA7-374E181BB938}C:\users\xxx\downloads\call of duty 4 modern warfare pc game mp+sp ^^nosteam^^\cod 4 mw nosteam\call of duty modern warfare\iw3mp.exe] => (Allow) C:\users\xxx\downloads\call of duty 4 modern warfare pc game mp+sp ^^nosteam^^\cod 4 mw nosteam\call of duty modern warfare\iw3mp.exe
FirewallRules: [{2E197BAE-B43D-438F-A225-E82C06D05C62}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{80CF83D1-137A-4B73-B0E2-B8144DEAE115}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A6619785-6B07-45B6-BBC2-9B727B9A9AB7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6ED4CCE1-D894-44D2-9D21-4E3B18927675}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{E5138510-1DB9-40B3-9EE0-30743DB5D929}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [UDP Query User{2323146B-4C05-4E27-A323-B27BE79F44E4}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [TCP Query User{B1A65DDC-92C9-423D-8FFC-E9670DC05F00}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5sp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [UDP Query User{22967A10-0D0C-4741-A342-0D83868A3E6E}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5sp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [TCP Query User{C880722B-09C0-4217-B3EB-79F56C04E71C}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [UDP Query User{D70ED170-912B-4D1C-99AD-9B12D521857C}C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe] => (Allow) C:\users\xxx\downloads\call of duty modern warfare 3 full multiplayer + sp ^^nosteam^^\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{497EE9BC-A60B-4B3E-A440-60EF3303F308}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{825093BD-0672-4DFF-938D-4C9CA76C24AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F00DF40-888A-4725-93B2-DEB85E8172C9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C6FAD05F-C0A4-4681-942E-39A1F8B9083D}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
FirewallRules: [{731B2CE8-7D4F-47A7-BA4F-9C7A36CDB395}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Illustrator CS6\Support Files\Contents\Windows\Illustrator.exe
FirewallRules: [{E554F616-7B31-48DD-AAEB-0C8D785A68D0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{3BDA8E10-1023-4CB3-8DB1-D50F57A02816}] => (Allow) LPort=12292
FirewallRules: [{236EB115-21D8-4971-A061-7DEFC05B7B53}] => (Block) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{2931ED1D-5C8F-4A63-AEF6-952E77B61DF7}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{88B894C4-2526-4E62-9024-DFF041C8398C}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{CE079548-37AE-483A-96C3-02CC81C5C7B9}] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{2D76FD69-F462-4E1A-8303-BFB313BDE304}] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{8DCFE3FA-D354-461D-A2AF-2C2168AFB2D8}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [UDP Query User{E46597FF-5C8C-4605-8225-2770D387D793}C:\program files (x86)\java\jre1.8.0_51\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{D4AE8432-96A3-4123-B9FA-049AE2C62F2D}] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe
FirewallRules: [{0FFB9F8A-BE3B-4092-BA84-54AFFD838EB0}] => (Block) C:\program files (x86)\java\jre1.8.0_51\bin\java.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/03/2015 06:43:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/03/2015 06:42:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/03/2015 05:55:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/03/2015 05:53:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/03/2015 04:41:12 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F1728487-CD0A-4A98-9EDF-C24D06C53CC7}\mpengine.dll" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt.
Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen.

Programm: Hostprozess für Windows-Dienste
Datei: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F1728487-CD0A-4A98-9EDF-C24D06C53CC7}\mpengine.dll

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und
- diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000185
Datenträgertyp: 3

Error: (09/03/2015 04:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_WinDefend, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb164a
Ausnahmecode: 0xc0000006
Fehleroffset: 0x0000000000018f75
ID des fehlerhaften Prozesses: 0x8b8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_WinDefend0
Pfad der fehlerhaften Anwendung: svchost.exe_WinDefend1
Pfad des fehlerhaften Moduls: svchost.exe_WinDefend2
Berichtskennung: svchost.exe_WinDefend3

Error: (09/03/2015 04:41:07 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\Prefetch\AgRobust.db" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt.
Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen.

Programm: Hostprozess für Windows-Dienste
Datei: C:\Windows\Prefetch\AgRobust.db

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und
- diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000185
Datenträgertyp: 3

Error: (09/03/2015 04:41:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_SysMain, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: sysmain.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9db
Ausnahmecode: 0xc0000006
Fehleroffset: 0x000000000001f17b
ID des fehlerhaften Prozesses: 0x2a8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_SysMain0
Pfad der fehlerhaften Anwendung: svchost.exe_SysMain1
Pfad des fehlerhaften Moduls: svchost.exe_SysMain2
Berichtskennung: svchost.exe_SysMain3

Error: (09/03/2015 04:38:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/03/2015 01:49:29 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "C:\Windows\System32\diagperf.dll" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt.
Das Programm Hostprozess für Windows-Dienste wurde wegen dieses Fehlers geschlossen.

Programm: Hostprozess für Windows-Dienste
Datei: C:\Windows\System32\diagperf.dll

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und
- diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: C0000185
Datenträgertyp: 3

Systemfehler:
=============
Error: (09/03/2015 07:41:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (09/03/2015 07:41:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (09/03/2015 07:41:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (09/03/2015 07:40:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (09/03/2015 07:40:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (09/03/2015 07:40:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (09/03/2015 07:40:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (09/03/2015 07:40:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (09/03/2015 07:40:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (09/03/2015 07:39:27 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Microsoft Office:
=========================
Error: (09/03/2015 06:43:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/03/2015 06:42:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\xxx\Desktop\esetsmartinstaller_deu.exe

Error: (09/03/2015 05:55:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/03/2015 05:53:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\xxx\Desktop\esetsmartinstaller_deu.exe

Error: (09/03/2015 04:41:12 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F1728487-CD0A-4A98-9EDF-C24D06C53CC7}\mpengine.dllHostprozess für Windows-DiensteC00001853

Error: (09/03/2015 04:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_WinDefend6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.1822951fb164ac00000060000000000018f758b801d0e6551077eefdC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dlld21c61b4-5249-11e5-81bf-120014b75867

Error: (09/03/2015 04:41:07 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\Windows\Prefetch\AgRobust.dbHostprozess für Windows-DiensteC00001853

Error: (09/03/2015 04:41:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc0000006000000000001f17b2a801d0e6550b3966e2C:\Windows\System32\svchost.exec:\windows\system32\sysmain.dllcf39f774-5249-11e5-81bf-120014b75867

Error: (09/03/2015 04:38:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/03/2015 01:49:29 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: C:\Windows\System32\diagperf.dllHostprozess für Windows-DiensteC00001853

CodeIntegrity:
===================================
Date: 2015-09-01 19:59:56.560
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-09-01 19:59:56.544
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-29 02:11:15.495
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-08-29 02:10:54.033
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-08-29 02:09:09.592
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sfc_os.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-08-29 02:08:56.022
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\shell32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 8154.8 MB
Verfügbarer physikalischer RAM: 6747.89 MB
Summe virtueller Speicher: 16307.79 MB
Verfügbarer virtueller Speicher: 14961.6 MB

==================== Laufwerke ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:590.49 GB) NTFS
Drive z: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0167643A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Hi again, the computer is running again as far as I can tell ... I ran all the virus scanners again, all without findings!! THANK YOU!!!! WHAT HAPPENS NEXT?^^ |
04.09.2015, 17:40 | #12 |
/// the machine /// TB-Ausbilder | Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter
Task: {0BE85537-5689-4DEC-A3DC-38D5103862F5} - System32\Tasks\LoudProof => c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}\gamesetup.exe <==== ACHTUNG
c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}
Task: {1866A771-138D-42A2-A49E-75E52E7A73E2} - \Winsta Update -> Keine Datei <==== ACHTUNG
Task: {1EFEA92F-7139-4B35-90E8-A70F424EE846} - \avabvbavad -> Keine Datei <==== ACHTUNG
Task: {22479C06-B56A-465A-85A8-2023774CA229} - \AdobeAAMUpdater-1.0-Toshiba-xxx -> Keine Datei <==== ACHTUNG
Task: {3A062199-CB44-413C-8C4D-3B2D460E9169} - \DFOZSNJILP -> Keine Datei <==== ACHTUNG
Task: {43CDEEEB-2B15-4B93-A047-D0E04BEFB0D2} - \SmartWeb Upgrade Trigger Task -> Keine Datei <==== ACHTUNG
Task: {54A49564-469B-42CD-A0B6-D40B54CA3262} - \{F05C6774-D1E3-400A-BF54-41B6C72D18A2} -> Keine Datei <==== ACHTUNG
Task: {6B4F8AD2-B802-4DD1-B75C-64B14A7F8AA3} - \{FE848F92-98FB-4AE7-8ACF-723F8C49ACFA} -> Keine Datei <==== ACHTUNG
Task: {80B64C67-A468-4821-9528-DBCA0ED3D8E9} - \AlcoProof -> Keine Datei <==== ACHTUNG
Task: {92C91CDB-6A66-4AB3-A6C0-7469F499F2A5} - \{4F923200-1F8D-4530-B555-4126DD1B7551} -> Keine Datei <==== ACHTUNG
Task: {A252F268-C7A4-4D31-A02A-01313845B979} - \{6654E48F-0F72-403A-A2D3-22F84DE6DC43} -> Keine Datei <==== ACHTUNG
Task: {BD523089-A475-47B5-868E-191D7A91078C} - \Convertor -> Keine Datei <==== ACHTUNG
Task: {BF4E57C6-DED3-4243-BE72-8BC467A5D265} - \ProPCCleaner_Start -> Keine Datei <==== ACHTUNG
Task: {CAD68D5D-6CFD-45D5-94DC-BB00116DF5AB} - \{25059126-90E9-4B17-9F87-45C87C21A8BF} -> Keine Datei <==== ACHTUNG
Task: {CE157836-4F37-44AF-A43C-C1BA6D1B3BE9} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {F65255A3-6739-4815-B76A-B14C22706714} - \ProPCCleaner_Popup -> Keine Datei <==== ACHTUNG
Task: {F9E8E8DD-1416-49B9-A373-234659E52054} - \WinKit -> Keine Datei <==== ACHTUNG
Emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Please download Farbar Service Scanner.
Please post the contents here.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
05.09.2015, 01:25 | #13 |
| Hi, thanks for the reply! I waited desperately^^ After the great start yesterday, it was just as quickly almost back to how it was before ... Ctrl+Alt+Del did not / does not work in normal mode, nor does shutting down, and of course the error message about Explorer not responding is back ... still, many thanks for your efforts so far!! Here are the logs: FIXLOG.TXT: Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von xxx (2015-09-05 02:10:52) Run:1
Gestartet von C:\Users\xxx\Desktop
Geladene Profile: xxx (Verfügbare Profile: xxx)
Start-Modus: Safe Mode (with Networking)
==============================================

fixlist Inhalt:
*****************
Task: {0BE85537-5689-4DEC-A3DC-38D5103862F5} - System32\Tasks\LoudProof => c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}\gamesetup.exe <==== ACHTUNG
c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}
Task: {1866A771-138D-42A2-A49E-75E52E7A73E2} - \Winsta Update -> Keine Datei <==== ACHTUNG
Task: {1EFEA92F-7139-4B35-90E8-A70F424EE846} - \avabvbavad -> Keine Datei <==== ACHTUNG
Task: {22479C06-B56A-465A-85A8-2023774CA229} - \AdobeAAMUpdater-1.0-Toshiba-xxx -> Keine Datei <==== ACHTUNG
Task: {3A062199-CB44-413C-8C4D-3B2D460E9169} - \DFOZSNJILP -> Keine Datei <==== ACHTUNG
Task: {43CDEEEB-2B15-4B93-A047-D0E04BEFB0D2} - \SmartWeb Upgrade Trigger Task -> Keine Datei <==== ACHTUNG
Task: {54A49564-469B-42CD-A0B6-D40B54CA3262} - \{F05C6774-D1E3-400A-BF54-41B6C72D18A2} -> Keine Datei <==== ACHTUNG
Task: {6B4F8AD2-B802-4DD1-B75C-64B14A7F8AA3} - \{FE848F92-98FB-4AE7-8ACF-723F8C49ACFA} -> Keine Datei <==== ACHTUNG
Task: {80B64C67-A468-4821-9528-DBCA0ED3D8E9} - \AlcoProof -> Keine Datei <==== ACHTUNG
Task: {92C91CDB-6A66-4AB3-A6C0-7469F499F2A5} - \{4F923200-1F8D-4530-B555-4126DD1B7551} -> Keine Datei <==== ACHTUNG
Task: {A252F268-C7A4-4D31-A02A-01313845B979} - \{6654E48F-0F72-403A-A2D3-22F84DE6DC43} -> Keine Datei <==== ACHTUNG
Task: {BD523089-A475-47B5-868E-191D7A91078C} - \Convertor -> Keine Datei <==== ACHTUNG
Task: {BF4E57C6-DED3-4243-BE72-8BC467A5D265} - \ProPCCleaner_Start -> Keine Datei <==== ACHTUNG
Task: {CAD68D5D-6CFD-45D5-94DC-BB00116DF5AB} - \{25059126-90E9-4B17-9F87-45C87C21A8BF} -> Keine Datei <==== ACHTUNG
Task: {CE157836-4F37-44AF-A43C-C1BA6D1B3BE9} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
Task: {F65255A3-6739-4815-B76A-B14C22706714} - \ProPCCleaner_Popup -> Keine Datei <==== ACHTUNG
Task: {F9E8E8DD-1416-49B9-A373-234659E52054} - \WinKit -> Keine Datei <==== ACHTUNG
Emptytemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BE85537-5689-4DEC-A3DC-38D5103862F5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BE85537-5689-4DEC-A3DC-38D5103862F5}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\LoudProof => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LoudProof" => Schlüssel erfolgreich entfernt
"c:\programdata\{976ab3cf-d8d2-3e4a-976a-ab3cfd8dcf3f}" => Datei/Ordner nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1866A771-138D-42A2-A49E-75E52E7A73E2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1866A771-138D-42A2-A49E-75E52E7A73E2}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Winsta Update => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EFEA92F-7139-4B35-90E8-A70F424EE846}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EFEA92F-7139-4B35-90E8-A70F424EE846}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avabvbavad => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22479C06-B56A-465A-85A8-2023774CA229}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22479C06-B56A-465A-85A8-2023774CA229}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Toshiba-xxx" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A062199-CB44-413C-8C4D-3B2D460E9169}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A062199-CB44-413C-8C4D-3B2D460E9169}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DFOZSNJILP" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43CDEEEB-2B15-4B93-A047-D0E04BEFB0D2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43CDEEEB-2B15-4B93-A047-D0E04BEFB0D2}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54A49564-469B-42CD-A0B6-D40B54CA3262}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54A49564-469B-42CD-A0B6-D40B54CA3262}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F05C6774-D1E3-400A-BF54-41B6C72D18A2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B4F8AD2-B802-4DD1-B75C-64B14A7F8AA3}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B4F8AD2-B802-4DD1-B75C-64B14A7F8AA3}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FE848F92-98FB-4AE7-8ACF-723F8C49ACFA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80B64C67-A468-4821-9528-DBCA0ED3D8E9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80B64C67-A468-4821-9528-DBCA0ED3D8E9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AlcoProof" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92C91CDB-6A66-4AB3-A6C0-7469F499F2A5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92C91CDB-6A66-4AB3-A6C0-7469F499F2A5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F923200-1F8D-4530-B555-4126DD1B7551}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A252F268-C7A4-4D31-A02A-01313845B979}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A252F268-C7A4-4D31-A02A-01313845B979}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6654E48F-0F72-403A-A2D3-22F84DE6DC43}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD523089-A475-47B5-868E-191D7A91078C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD523089-A475-47B5-868E-191D7A91078C}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Convertor => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BF4E57C6-DED3-4243-BE72-8BC467A5D265}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF4E57C6-DED3-4243-BE72-8BC467A5D265}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Start => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAD68D5D-6CFD-45D5-94DC-BB00116DF5AB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAD68D5D-6CFD-45D5-94DC-BB00116DF5AB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{25059126-90E9-4B17-9F87-45C87C21A8BF}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE157836-4F37-44AF-A43C-C1BA6D1B3BE9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE157836-4F37-44AF-A43C-C1BA6D1B3BE9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F65255A3-6739-4815-B76A-B14C22706714}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F65255A3-6739-4815-B76A-B14C22706714}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9E8E8DD-1416-49B9-A373-234659E52054}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9E8E8DD-1416-49B9-A373-234659E52054}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinKit => Schlüssel nicht gefunden.
EmptyTemp: => 494.1 MB temporäre Dateien entfernt.

Das System musste neu gestartet werden..

==== Ende von Fixlog 02:12:12 ====

Code:
ATTFilter
Farbar Service Scanner Version: 26-07-2015
Ran by xxx (administrator) on 05-09-2015 at 02:16:05
Running from "C:\Users\xxx\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.

System Restore Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log **** |
05.09.2015, 15:11 | #14 |
/// the machine /// TB-Ausbilder | Please run Windows Repair: Repairing Windows - how it works - Guides
__________________ Regards, schrauber |
05.09.2015, 21:38 | #15 |
| Hi! SFC scannow does not run ... otherwise I ran the program through twice as described in the guide ... I'll report back, starting in normal mode now! Have a nice Saturday evening! |