04.12.2015, 13:42 | #1 |
Win 7 64bit: symptoms for 3 days, no detections, using Kaspersky Malwarebytes - infection?

Dear team,

for about 3 days I have had strange symptoms: sporadic screen flickering, links from the Steam chat no longer open when clicked, shutting down suddenly takes more than 2 minutes, plus a few small things that I can no longer remember. Neither Kaspersky nor Malwarebytes reported any detections during their scans.

However, I made a big mistake: I used ADWCleaner and deleted one finding. I am really sorry, I clicked first and thought afterwards. I could not find an ADWCleaner.log. Really, sorry! That is why I am unsure whether I may ask you for help when I have no definite signs. However, I also do online banking on this computer. So I am simply going ahead and apologise explicitly in advance for the trouble in case it was not an infection!

System is Win 7 64 bit
Kaspersky
Malwarebytes

There were no detections, but your instructions ask for any logs that already exist. Following the instructions, I also carried out the other steps right away and am therefore posting those logs as well. I hope I did everything correctly:

Kaspersky scan log
Code:
04.12.2015 08.18.49 Schwachstellensuche Gefundene Bedrohungen: 4, neutralisiert: 0, nicht neutralisiert: 0 Gefunden: 4 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 04.12.2015 06:13 Gesamtdauer: 20 Minuten, 30 Sekunden Ende: 04.12.2015 08:39
03.12.2015 13.00.35 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 03.12.2015 10:37 Gesamtdauer: 14 Minuten, 47 Sekunden Ende: 03.12.2015 13:15
02.12.2015 13.45.31 Vollständige Untersuchung des Computers Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 02.12.2015 11:58 Gesamtdauer: 55 Minuten, 49 Sekunden Ende: 02.12.2015 14:41
02.12.2015 13.00.34 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 02.12.2015 09:27 Gesamtdauer: 15 Minuten, 9 Sekunden Ende: 02.12.2015 13:15
02.12.2015 07.58.02 Benutzerdefinierte Untersuchung Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 02.12.2015 04:37 Gesamtdauer: 2 Minuten, 56 Sekunden Ende: 02.12.2015 08:00
01.12.2015 10.35.46 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 01.12.2015 08:08 Gesamtdauer: 14 Minuten, 21 Sekunden Ende: 01.12.2015 10:50
30.11.2015 10.34.55 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 30.11.2015 05:56 Gesamtdauer: 15 Minuten, 30 Sekunden Ende: 30.11.2015 10:50
29.11.2015 15.39.35 Untersuchung bei Leerlauf des Computers Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 29.11.2015 13:42 Gesamtdauer: 14 Minuten, 53 Sekunden Ende: 29.11.2015 15:54
29.11.2015 14.44.43 Untersuchung bei Leerlauf des Computers Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 29.11.2015 11:48 Gesamtdauer: 1 Stunde, 9 Minuten Ende: 29.11.2015 15:54
29.11.2015 14.37.43 Untersuchung bei Leerlauf des Computers Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 29.11.2015 11:48 Gesamtdauer: 1 Stunde, 16 Minuten Ende: 29.11.2015 15:54
29.11.2015 14.25.07 Untersuchung bei Leerlauf des Computers Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 29.11.2015 11:48 Gesamtdauer: 1 Stunde, 29 Minuten Ende: 29.11.2015 15:54
29.11.2015 13.52.43 Untersuchung bei Leerlauf des Computers Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 29.11.2015 11:48 Gesamtdauer: 2 Stunden, 1 Minute Ende: 29.11.2015 15:54
29.11.2015 13.38.43 Untersuchung bei Leerlauf des Computers Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 29.11.2015 11:48 Gesamtdauer: 2 Stunden, 15 Minuten Ende: 29.11.2015 15:54
29.11.2015 13.30.43 Untersuchung bei Leerlauf des Computers Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 29.11.2015 11:48 Gesamtdauer: 2 Stunden, 23 Minuten Ende: 29.11.2015 15:54
29.11.2015 13.19.35 Untersuchung bei Leerlauf des Computers Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 29.11.2015 11:48 Gesamtdauer: 2 Stunden, 34 Minuten Ende: 29.11.2015 15:54
29.11.2015 10.34.43 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 29.11.2015 06:03 Gesamtdauer: 13 Minuten, 41 Sekunden Ende: 29.11.2015 10:48
28.11.2015 10.34.05 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 28.11.2015 07:41 Gesamtdauer: 15 Minuten Ende: 28.11.2015 10:49
27.11.2015 10.33.40 Rootkit-Suche Keine Bedrohungen gefunden Gefunden: 0 Neutralisiert: 0 Nicht untersucht: 0 Datum des letzten Datenbanken-Updates bei Untersuchungsbeginn: 27.11.2015 06:29 Gesamtdauer: 16 Minuten, 10 Sekunden Ende: 27.11.2015 10:49

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 01.12.2015
Suchlaufzeit: 01:51
Protokolldatei: MalwarebytesSuchprotokoll.txt
Administrator: Nein

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.30.06
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Thor

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 293268
Abgelaufene Zeit: 4 Min., 41 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015 durchgeführt von Odin (2015-12-04 12:04:30) Gestartet von C:\Users\Thor\Desktop\Neuer Ordner\dock1\Sammler Windows 7 Home Premium Service Pack 1 (X64) (2014-12-30 17:54:22) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3649451115-1868719750-1943371437-500 - Administrator - Disabled) Gast (S-1-5-21-3649451115-1868719750-1943371437-501 - Limited - Disabled) Odin (S-1-5-21-3649451115-1868719750-1943371437-1000 - Administrator - Enabled) => C:\Users\Odin Thor (S-1-5-21-3649451115-1868719750-1943371437-1001 - Limited - Enabled) => C:\Users\Thor ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) AGEIA PhysX v7.11.13 (HKLM-x32\...\{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}) (Version: 7.11.13 - AGEIA Technologies, Inc.) 
AlienFX for IskuFX (HKLM-x32\...\InstallShield_{2C3FC2CC-0A8B-409E-B487-8CD54F4DC1D4}) (Version: 1.02 - Roccat GmbH) AlienFX for IskuFX (Version: 1.02 - Roccat GmbH) Hidden Amazon Music (HKU\S-1-5-21-3649451115-1868719750-1943371437-1001\...\Amazon Amazon Music) (Version: 3.11.5.1140 - Amazon Services LLC) AMD Catalyst Install Manager (HKLM\...\{AAFD93A0-6522-9FF4-69CF-15B98681681A}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1997352931.48.56.4066674 - Audible, Inc.) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version: - Infinity Ward) Card Hunter (HKLM-x32\...\Steam App 293260) (Version: - Blue Manchu) CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.) 
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation) Intel(R) Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Logitech G930 (HKLM\...\{91C4D79C-3579-48E8-ADFA-8818042AEB73}) (Version: 1.0.364 - Logitech) Logitech Gaming Software 8.72 (HKLM\...\Logitech Gaming Software) (Version: 8.72.107 - Logitech Inc.) 
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Music Maker 2015 Premium (HKLM-x32\...\MX.{3DF585C2-BDD1-42F7-84E1-AB6191830E0E}) (Version: 21.0.0.30 - MAGIX Software GmbH) MAGIX Music Maker 2015 Premium (Version: 21.0.0.30 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 Premium Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 Premium Update (Version: 21.0.3.38 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 Premium Update (Version: 21.0.4.50 - MAGIX Software GmbH) Hidden MAGIX Music Maker 2015 Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{AD4A2318-33E8-4E3C-90F5-5E91D0EE8572}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4771.1004 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3649451115-1868719750-1943371437-1001\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - 
x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU 
(HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version: - Roccat GmbH) Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0013 - Roccat GmbH) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.) 
Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.) Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz) Smart Technology Volume Tracker 7.0.23.0 (HKLM\...\{7C2F1B90-E6E6-4ECF-B626-4545CF6EEB2D}) (Version: 7.0.23.0 - Mad Catz) Sonic Radar II (HKLM\...\{203BCA8D-BC00-4DD5-85DF-2F84DB803B57}) (Version: 2.1.101 - ASUSTeKcomputer.Inc) Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: - Bioware/EA) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) Starbound (HKLM-x32\...\Steam App 211820) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-3649451115-1868719750-1943371437-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) The Secret World (HKLM-x32\...\Steam App 215280) (Version: - Funcom) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. 
Fiedler) TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) Vita 2 (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Vita 2 Zusatzcontent (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Vita Analog Synths (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Vita Celtic Harp (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Vita Drum Engine (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Vita Jazz Drums (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Vita Urban Drums (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden Vita World Flutes (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 19-11-2015 13:31:49 Geplanter Prüfpunkt 28-11-2015 10:30:16 Geplanter Prüfpunkt ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-08-29 12:50 - 00000857 ____A C:\Windows\system32\Drivers\etc\hosts 209.84.0.254 cdn-patch.swtor.com ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {001E91C7-EA23-4170-886A-87C392039DB7} - System32\Tasks\{158220EC-DD9F-4A33-8484-4637FFAC1D8C} => pcalua.exe -a C:\Users\SWTOR\Downloads\V7_Keyboard_SD7_0_23_0_x64_Drivers.exe -d C:\Users\SWTOR\Downloads Task: {07E8EEC3-A5D0-432A-8D50-EE1F78475C15} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd) Task: {1AB16B0B-1824-42EC-9160-C835F27EBB0C} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {2E69E529-B4F0-4ABD-B043-A594881F4764} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {31791710-5DFB-46BA-B7FD-054D26621427} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {49EE13C2-FE82-4A0D-8E89-41BD9B3359FC} - System32\Tasks\hpUtility.exe_{48B666A6-83A0-4346-8F5C-4EEB3C596FA4} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\utils\hpUtility.exe [2012-10-17] (Hewlett-Packard Co.) Task: {6AC8CC27-2CC4-405B-B9B9-C1B9939B3EE6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated) Task: {97857BE2-7BB8-401C-8839-1A3D84FB703D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {D42113EB-990D-4AB7-BECE-B7F6EE75F2FF} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.) Task: {EA6929A2-1AE7-4C34-BCC9-2DD9D7EF2FFC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-30 19:20 - 2014-01-28 04:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2014-12-30 19:23 - 2014-06-18 06:54 - 01360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2015-03-12 12:26 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-01-04 21:22 - 2015-11-18 22:36 - 05890368 _____ () C:\Users\Thor\AppData\Local\Amazon Music\Amazon Music Helper.exe 2015-12-04 11:42 - 2015-12-04 11:42 - 00050477 _____ () C:\Users\Thor\Desktop\Neuer Ordner\dock1\Sammler\Defogger.exe 2014-12-30 19:20 - 2015-12-04 11:14 - 00038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2014-12-30 19:20 - 2014-01-28 04:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2015-07-08 22:18 - 2015-07-08 22:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll 2014-03-20 11:43 - 2014-03-20 11:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, 
wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3649451115-1868719750-1943371437-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Odin\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp HKU\S-1-5-21-3649451115-1868719750-1943371437-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Thor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: FirebirdServerMAGIXInstance => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Roccat Talk.lnk => C:\Windows\pss\Roccat Talk.lnk.CommonStartup MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min MSCONFIG\startupreg: CsrAudioguiCtrl => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe MSCONFIG\startupreg: CSRHarmonySkypePlugin => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe MSCONFIG\startupreg: CsrHCRPServer => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe MSCONFIG\startupreg: CsrSyncMLServer => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe MSCONFIG\startupreg: HarmonyUserStartup => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup MSCONFIG\startupreg: RoccatIskuFX => "C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe" MSCONFIG\startupreg: TrayApplication => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe MSCONFIG\startupreg: vksts => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{F39D52D7-B301-42A6-9452-786BCB39759E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8897B95E-18D5-43A7-B023-B8214619037E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{9036AAF4-A66E-49EE-96A5-E2BADB69E66F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2516AEC2-FE7F-4E9B-B7B9-1FC1589765D8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{68122FAB-4998-407A-9C22-F9ACDCA1B17B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe FirewallRules: [{617B04A4-13B2-451D-9E63-6AA9DE3B8D65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Ghosts\iw6sp64_ship.exe FirewallRules: [{32C81DBA-AA43-4497-B3FB-C492D6CE8F5B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe FirewallRules: [{A9E51DD8-10BA-4E29-BCBF-ADD35FE79433}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe FirewallRules: [{A5091BC0-55F5-41B2-84D6-B45A341ACC4D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe FirewallRules: [{91758020-F376-4871-805D-93BDD142B0E8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe FirewallRules: [{1F6FC11C-C143-4BA0-9476-2F4DE34C339E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe FirewallRules: [{4D9359D3-CF72-4555-8F8E-368D06B56213}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{39D33216-C9A9-4B8F-91AA-1014CC3E73CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E684F3BA-7A30-48F5-B005-957884A36E06}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8F98BCF8-5062-4574-A067-6DD0ECD3C079}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{48690066-6F62-4083-B229-29FA05580626}] => (Allow) C:\Program 
Files\Bonjour\mDNSResponder.exe FirewallRules: [{92E75D60-BAE7-485A-B5B4-F7B25B1BF810}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A7DC473A-BE90-49A2-9E05-58E14E9FC991}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{ACC4CC0E-37F0-4AFF-8217-802E5FA1F238}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{6F46BBEC-81C3-4C7C-9AD0-59EF1A46F62D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{263A3A41-35E0-4656-B149-51B97ECB404D}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [{E9826564-9BBE-4420-AF96-0DB9F7C8990C}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe FirewallRules: [{8E0658E5-6A03-4893-A741-8A5BBEC432FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{978CE300-59FA-4A4E-A4F4-826C988E6705}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{827B79A9-328F-43DA-9035-64E04CF529D0}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{E60D1744-91DD-4246-A316-5BF106195BBD}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe FirewallRules: [{826F3943-6295-4345-AC34-1858CD302CCB}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe FirewallRules: [{476D1B3B-44CE-4178-8E04-3825DC3757CD}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe FirewallRules: [{365702BE-A3EB-415F-916B-A09737808261}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe FirewallRules: [{B3047F21-ABB5-44CF-B8A3-1424240B469D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{76FDC5E2-B8B5-4D9F-BBFC-83A13762F671}] => (Allow) C:\Program 
Files\Bonjour\mDNSResponder.exe FirewallRules: [{47B9E8B9-8369-49AF-8D3B-85746491AE06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2510A4EC-3D1A-4D6B-B78E-6D27B29C70AD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B891FC6C-3A14-43E6-B59F-E94CD1806F50}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{517F7052-2C25-41EC-90AD-C470E51D95EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Secret World\ClientPatcher.exe FirewallRules: [{C068C6B3-ED37-44C7-B6A8-A4676FFF27F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Secret World\ClientPatcher.exe FirewallRules: [{10BD6918-0A4A-4DAD-9A41-0E881F8984E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{2A31C440-2EF4-41B7-AF46-7630D76D4D2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{7E8F20D2-19BA-4661-BF43-A3023C54A01B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{3D6D94DA-C210-4F62-883C-3FD5309145A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{82C21478-10FD-4164-B86D-FE308FE81E0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{1DD990C4-2E37-4541-A7D1-59546683A446}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{FD186EF0-D7E4-4730-A946-D14628E5B887}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe FirewallRules: [{BCFE9A8A-C179-4CC7-81F4-52977B6D6A4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe FirewallRules: [{5D7A0263-A364-4EC3-9851-2026181717D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: 
[{0229624E-9047-49CE-A33D-0AF395E58BD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EC9F2255-3A81-472A-9DB0-C3C73A729400}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{CAF610DC-43B8-4150-8824-47127CF48DFC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{8B8E378A-DB07-4201-B72A-9A3A520BC7BE}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{5278CBD7-CEC4-476A-A162-66AAF0FB5B48}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Mad Catz V.7 Keyboard Gaming Keys (HID)
Description: Mad Catz V.7 Keyboard Gaming Keys (HID)
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Mad Catz
Service: SaiK1107
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HID-konformes Benutzersteuergerät
Description: HID-konformes Benutzersteuergerät
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HID-konformes Benutzersteuergerät
Description: HID-konformes Benutzersteuergerät
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/04/2015 11:15:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2015 10:58:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2015 10:50:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b
Name des fehlerhaften Moduls: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006f58
ID des fehlerhaften Prozesses: 0x4f4
Startzeit der fehlerhaften Anwendung: 0xCsrBtOBEXService.exe0
Pfad der fehlerhaften Anwendung: CsrBtOBEXService.exe1
Pfad des fehlerhaften Moduls: CsrBtOBEXService.exe2
Berichtskennung: CsrBtOBEXService.exe3

Error: (12/04/2015 10:48:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2015 09:03:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b
Name des fehlerhaften Moduls: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006f58
ID des fehlerhaften Prozesses: 0x588
Startzeit der fehlerhaften Anwendung: 0xCsrBtOBEXService.exe0
Pfad der fehlerhaften Anwendung: CsrBtOBEXService.exe1
Pfad des fehlerhaften Moduls: CsrBtOBEXService.exe2
Berichtskennung: CsrBtOBEXService.exe3

Error: (12/04/2015 08:17:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2015 08:10:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b
Name des fehlerhaften Moduls: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006f58
ID des fehlerhaften Prozesses: 0x564
Startzeit der fehlerhaften Anwendung: 0xCsrBtOBEXService.exe0
Pfad der fehlerhaften Anwendung: CsrBtOBEXService.exe1
Pfad des fehlerhaften Moduls: CsrBtOBEXService.exe2
Berichtskennung: CsrBtOBEXService.exe3

Error: (12/04/2015 08:07:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2015 08:03:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b
Name des fehlerhaften Moduls: CsrBtOBEXService.exe, Version: 2.1.63.0, Zeitstempel: 0x4f68683b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006f58
ID des fehlerhaften Prozesses: 0x6fc
Startzeit der fehlerhaften Anwendung: 0xCsrBtOBEXService.exe0
Pfad der fehlerhaften Anwendung: CsrBtOBEXService.exe1
Pfad des fehlerhaften Moduls: CsrBtOBEXService.exe2
Berichtskennung: CsrBtOBEXService.exe3

Error: (12/04/2015 07:19:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Systemfehler:
=============
Error: (12/04/2015 11:21:36 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "ASUSN750", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{45A9A413-793B-4AD4-A236-18F9BB812BAA}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (12/04/2015 11:14:15 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (12/04/2015 11:13:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/04/2015 11:13:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/04/2015 11:09:39 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "ASUSN750", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{45A9A413-793B-4AD4-A236-18F9BB812BAA}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (12/04/2015 11:09:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%109

Error: (12/04/2015 11:09:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (12/04/2015 11:09:05 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/04/2015 11:08:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (12/04/2015 11:08:36 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

CodeIntegrity:
===================================
Date: 2015-02-13 16:15:51.957
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 16:15:51.941
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 16:15:51.941
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 16:15:51.941
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-02-13 16:15:51.879
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Odin (Administrator) auf ASGARD (04-12-2015 12:04:02)
Gestartet von C:\Users\Thor\Desktop\Neuer Ordner\dock1\Sammler
Geladene Profile: Odin & Thor (Verfügbare Profile: Odin & Thor)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.)
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Saitek) C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Users\Thor\AppData\Local\Amazon Music\Amazon Music Helper.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Logitech(c)) C:\Program Files (x86)\Logitech\G930\G930.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\splwow64.exe () C:\Users\Thor\Desktop\Neuer Ordner\dock1\Sammler\Defogger.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-13] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation) HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek) HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14862456 2015-09-01] (Logitech Inc.) 
HKLM\...\Run: [SaiVolume] => C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe [152064 2012-10-15] (Saitek) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation) HKLM-x32\...\Run: [Logitech G930] => C:\Program Files (x86)\Logitech\G930\G930.exe [1516888 2011-03-23] (Logitech(c)) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-10-12] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-3649451115-1868719750-1943371437-1000\...\Run: [HydraVisionDesktopManager] => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" HKU\S-1-5-21-3649451115-1868719750-1943371437-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt HKU\S-1-5-21-3649451115-1868719750-1943371437-1000\...\MountPoints2: {e3b20848-904b-11e4-bcd0-806e6f6e6963} - D:\Bin\ASSETUP.exe HKU\S-1-5-21-3649451115-1868719750-1943371437-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd) HKU\S-1-5-21-3649451115-1868719750-1943371437-1001\...\Run: [Amazon Music] => C:\Users\Thor\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] () HKU\S-1-5-21-3649451115-1868719750-1943371437-1001\...\MountPoints2: {3f1357f0-e9a7-11e4-af5b-aeeb0d467834} - E:\pushinst.exe HKU\S-1-5-21-3649451115-1868719750-1943371437-1001\...\MountPoints2: {adc45247-9052-11e4-8e97-806e6f6e6963} - D:\start.exe ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> 
{BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei Startup: C:\Users\Odin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech blank Produktregistrierung.lnk [2015-12-02] ShortcutTarget: Logitech blank Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\G930\eReg.exe (Leader Technologies/Logitech) Startup: C:\Users\Thor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-09-16] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 209.84.0.254 cdn-patch.swtor.com Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{45A9A413-793B-4AD4-A236-18F9BB812BAA}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3649451115-1868719750-1943371437-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-10-13] (Microsoft Corporation) BHO: Kaspersky Protection 
plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-10-13] (Microsoft Corporation) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-03-12] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Odin\AppData\Roaming\Mozilla\Firefox\Profiles\xmsbm1cx.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI 
ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-12] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Odin\AppData\Roaming\Mozilla\Firefox\Profiles\xmsbm1cx.default\Extensions\abs@avira.com [2015-10-12] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-12-01] Chrome: ======= CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der 
Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-06-18] () [Datei ist nicht signiert] R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-17] (Kaspersky Lab ZAO) S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-08-29] (BitRaider, LLC) R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation) R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited) R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited) R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited) R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG) R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel 
Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [192120 2015-09-01] (Logitech Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [X] S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. 
KG) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO) S3 csravrcp; C:\Windows\System32\DRIVERS\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited) S3 CsrBthAudioHF; C:\Windows\System32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Limited) S3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited) S3 csrhfgcc; C:\Windows\System32\DRIVERS\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Limited) S3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited) S3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited) S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited) S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited) S3 csr_bthav; C:\Windows\System32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited) S3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2014-09-29] (Intel Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S4 fwlanusb6; C:\Windows\System32\DRIVERS\fwlanusb6.sys [1327744 2014-03-27] (AVM GmbH) [Datei ist nicht signiert] R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-19] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-19] (AO 
Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940928 2015-12-01] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-25] (AO Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-03] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies) S3 SaiK1107; C:\Windows\System32\DRIVERS\SaiK1107.sys [180584 2012-12-05] (Saitek) R3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [180544 2012-09-20] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) R3 SaiU1703; C:\Windows\System32\DRIVERS\SaiU1703.sys [47168 2012-09-20] (Saitek) S3 BRDriver64_1_3_3_E02B25FC; 
\??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-04 12:03 - 2015-12-04 12:04 - 00000000 ____D C:\FRST 2015-12-04 11:43 - 2015-12-04 11:43 - 00000000 _____ C:\Users\Odin\defogger_reenable 2015-12-04 11:39 - 2015-12-04 11:39 - 00004785 _____ C:\Users\Thor\Desktop\KasperskyProtokollvollständigeUntersuchung.txt 2015-12-04 11:37 - 2015-12-04 11:37 - 00001222 _____ C:\Users\Thor\Desktop\MalwarebytesSuchprotokoll01122015.txt 2015-12-04 10:50 - 2015-12-04 10:50 - 00000000 ____D C:\Windows\pss 2015-12-04 08:16 - 2015-12-04 08:16 - 00001134 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-12-02 07:41 - 2015-12-02 07:41 - 00002450 _____ C:\Users\Odin\Desktop\Sicherer Zahlungsverkehr.lnk 2015-12-02 07:41 - 2015-12-02 07:41 - 00000000 ____D C:\Users\Odin\AppData\Local\Logitech 2015-12-02 07:30 - 2015-12-02 07:31 - 00184784 _____ C:\Windows\ntbtlog.txt 2015-12-01 14:21 - 2015-12-01 14:21 - 00000000 ____D C:\Users\Thor\AppData\Local\Microsoft Help 2015-11-23 13:43 - 2015-11-23 14:56 - 00002604 _____ C:\Users\Thor\Desktop\01 Mandalo.mp3 - Verknüpfung.lnk 2015-11-21 20:40 - 2015-11-21 20:40 - 00000000 ____D C:\Windows\SysWOW64\%Data% 2015-11-12 08:34 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 09:32 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-11-11 09:32 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-11-11 09:32 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 
2015-11-11 09:32 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-11 09:32 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-11-11 09:32 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 09:32 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-11 09:32 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-11-11 09:32 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-11-11 09:32 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 09:32 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-11-11 09:32 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-11 09:32 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-11-11 09:32 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-11 09:32 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-11 09:32 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-11-11 09:32 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 09:32 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 09:32 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-11-11 09:32 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-11-11 09:32 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) 
C:\Windows\system32\dxtmsft.dll 2015-11-11 09:32 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-11-11 09:32 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-11-11 09:32 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-11 09:32 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-11-11 09:32 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-11 09:32 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-11 09:32 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-11 09:32 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-11-11 09:32 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-11-11 09:32 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-11-11 09:32 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-11-11 09:32 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-11-11 09:32 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-11 09:32 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-11-11 09:32 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-11-11 09:32 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-11-11 09:32 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-11 09:32 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\jscript9diag.dll 2015-11-11 09:32 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-11-11 09:32 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-11-11 09:32 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 09:32 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 09:32 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-11 09:32 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-11-11 09:32 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-11-11 09:32 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-11 09:32 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 09:32 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-11-11 09:32 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-11-11 09:32 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-11-11 09:32 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 09:32 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-11-11 09:32 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-11 09:32 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-11-11 09:32 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-11 09:32 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieframe.dll 2015-11-11 09:32 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-11-11 09:32 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-11-11 09:32 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 09:32 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 09:32 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-11 09:32 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-11 09:32 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-11 09:32 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 09:32 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 09:32 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 09:32 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 09:32 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 09:32 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-11-11 09:32 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-11-11 09:32 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 09:32 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-11-11 09:32 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 09:32 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 
2015-11-11 09:32 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-11 09:32 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-11 09:32 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-11 09:32 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-11-11 09:32 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-11 09:31 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-11-11 09:31 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-11-11 09:31 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-11-11 09:31 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-11-11 09:31 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2015-11-11 09:31 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2015-11-11 09:31 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2015-11-11 09:31 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 09:31 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 09:31 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-11-11 09:31 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-11-11 09:31 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-11-11 09:31 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-11-11 09:31 - 2015-10-20 
02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-11-11 09:31 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-11-11 09:31 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-11-11 09:31 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00043520 _____ (Microsoft 
Corporation) C:\Windows\system32\csrsrv.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-11-11 09:31 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-11-11 09:31 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-11-11 09:31 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-11-11 09:31 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-11-11 09:31 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-11-11 09:31 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-11-11 09:31 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-11-11 09:31 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-11-11 09:31 - 2015-10-20 
01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-11-11 09:31 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-11-11 09:31 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-11-11 09:31 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-11-11 09:31 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-11-11 09:31 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-11-11 09:31 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-11-11 09:31 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-11-11 09:31 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-11-11 09:31 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-11-11 09:31 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 
2015-11-11 09:31 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 09:31 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-11-11 09:31 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 09:31 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-11-11 09:31 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-11-11 09:31 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-11 09:31 - 2015-10-20 00:27 - 00003072 ____H 
(Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-11 09:31 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 09:31 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 09:31 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-11-11 09:31 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-11-11 09:31 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-11-11 09:31 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-11-11 09:31 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 09:31 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 09:31 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-07 14:06 - 2015-11-07 23:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-11-06 13:22 - 2015-11-06 13:22 - 00000000 ____D C:\ProgramData\ROCCAT 2015-11-06 13:21 - 2015-11-06 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT 2015-11-06 13:21 - 2015-11-06 13:22 - 00000000 ____D C:\Program Files (x86)\ROCCAT 2015-11-06 13:20 - 2015-11-06 13:20 - 00000000 ____D C:\Program Files\Alienware ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-12-04 12:03 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-04 11:43 - 2015-01-02 20:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-04 11:43 - 2014-12-30 18:54 - 00000000 ____D C:\Users\Odin 2015-12-04 11:22 - 2009-07-14 05:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-04 11:22 - 2009-07-14 05:45 - 00021840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-04 11:14 - 2015-01-15 18:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2015-12-04 11:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-04 11:08 - 2015-09-23 10:55 - 00000000 ____D C:\AdwCleaner 2015-12-04 07:19 - 2015-10-22 15:00 - 00000000 ____D C:\Users\Thor\AppData\Roaming\Raptr 2015-12-03 20:31 - 2014-12-31 09:40 - 00000000 ____D C:\Program Files (x86)\Steam 2015-12-03 08:37 - 2015-10-22 13:11 - 00000000 ____D C:\Users\Odin\AppData\Roaming\Raptr 2015-12-03 08:37 - 2015-09-17 13:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-02 08:30 - 2015-03-19 14:53 - 00000000 ____D C:\Users\Thor\AppData\Local\Audible 2015-12-02 07:41 - 2014-12-30 18:54 - 00000000 ____D C:\Users\Odin\AppData\Local\VirtualStore 2015-12-01 11:05 - 2015-09-17 16:57 - 00940928 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2015-11-27 13:49 - 2015-10-07 00:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-26 15:44 - 2015-02-08 19:29 - 00023552 ____H C:\Users\Thor\Desktop\photothumb.db 2015-11-24 08:57 - 2015-10-22 13:11 - 00000000 ____D C:\Program Files (x86)\Raptr 2015-11-23 20:35 - 2015-03-12 12:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-11-23 20:34 - 2015-03-12 12:26 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-11-22 22:06 - 2015-01-04 21:22 - 00000000 ____D 
C:\Users\Thor\AppData\Local\Amazon Music 2015-11-17 11:32 - 2015-02-28 15:16 - 00000000 ____D C:\Fotos 2015-11-12 16:12 - 2009-07-14 05:45 - 00400984 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-12 10:43 - 2011-04-12 08:43 - 00700130 _____ C:\Windows\system32\perfh007.dat 2015-11-12 10:43 - 2011-04-12 08:43 - 00149768 _____ C:\Windows\system32\perfc007.dat 2015-11-12 10:43 - 2009-07-14 06:13 - 01622706 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-12 10:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-11-12 09:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-11-11 20:06 - 2015-08-28 21:36 - 00000000 ____D C:\Users\Thor\AppData\Roaming\Skype 2015-11-11 19:54 - 2015-08-28 21:35 - 00000000 ____D C:\ProgramData\Skype 2015-11-11 16:46 - 2015-01-01 11:51 - 00000000 ____D C:\Windows\system32\MRT 2015-11-11 16:44 - 2015-01-01 11:51 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-11-11 16:40 - 2014-12-30 19:02 - 01596050 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-11-11 16:39 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-11 11:43 - 2015-01-02 20:59 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-11 11:43 - 2015-01-02 20:59 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-11 11:43 - 2015-01-02 20:59 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-10 14:17 - 2015-03-20 15:54 - 00000000 ____D C:\BewerbungenNextGen 2015-11-09 22:39 - 2015-09-26 18:58 - 00000000 ____D C:\Users\Thor\AppData\Roaming\TS3Client 2015-11-07 23:27 - 2014-12-30 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-11-07 13:12 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-11-06 13:22 - 2014-12-30 20:34 - 00000000 ____D C:\Users\Thor\AppData\Local\VirtualStore 2015-11-06 13:21 - 2014-12-30 19:23 - 00000000 ___HD C:\Program Files 
(x86)\InstallShield Installation Information 2015-11-06 13:19 - 2014-12-30 19:00 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-04 17:24 - 2014-12-30 20:35 - 00000000 ___RD C:\Users\Thor\Desktop\Neuer Ordner ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-01-09 13:06 - 2015-01-09 13:06 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-12-30 19:24 - 2014-12-30 19:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Odin\AppData\Local\Temp\avgnt.exe C:\Users\Odin\AppData\Local\Temp\mgxoschk.dll C:\Users\Odin\AppData\Local\Temp\MgxVistaTools.dll C:\Users\Odin\AppData\Local\Temp\Quarantine.exe C:\Users\Odin\AppData\Local\Temp\raptrpatch.exe C:\Users\Odin\AppData\Local\Temp\raptr_stub.exe C:\Users\Odin\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:43 on 04/12/2015 (Odin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
I really hope I'm not bothering you for no reason. Although of course I would also be glad if everything turned out to be OK. Thank you so much!!! Yours, Currufin |
04.12.2015, 13:45 | #2 |
/// the machine /// TB instructor | hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop. |
04.12.2015, 14:18 | #3 |
| Hello dear Schrauber,
wow, thanks for the quick reply!!! I'm amazed. Unfortunately it all took a while, but here are the logs now: mbar Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.12.04.02
rootkit: v2015.11.26.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18097
Odin :: ASGARD [administrator]
04.12.2015 13:52:53
mbar-log-2015-12-04 (13-52-53).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 391280
Time elapsed: 13 minute(s), 48 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end)
and TDSSKiller Code:
0x1698 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 14:12:19.0217 0x1698 hwpolicy - ok 14:12:19.0217 0x1698 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 14:12:19.0232 0x1698 i8042prt - ok 14:12:19.0263 0x1698 [ 9EBE1AE8B3DA91D06BE1971EB37F7DA0, 55B0E66139C966AF0D4955B44363123198C559968C864DA85F6610CF1C844E8D ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys 14:12:19.0279 0x1698 iaStorA - ok 14:12:19.0326 0x1698 [ D524B034148F14C60F1CA66D267EE56A, 18045270C5CA718501285EE05EDED8B0EF998A881ACF19D9602F91A2A30E40AB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 14:12:19.0341 0x1698 IAStorDataMgrSvc - ok 14:12:19.0357 0x1698 [ C018747131B4E90E9267BA5B31EB43A7, 0FA045B63500D6AA98CADD72BA8052BD2631387FD1270A9FD5A77EB7A7A14536 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys 14:12:19.0357 0x1698 iaStorF - ok 14:12:19.0388 0x1698 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 14:12:19.0404 0x1698 iaStorV - ok 14:12:19.0435 0x1698 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:12:19.0466 0x1698 idsvc - ok 14:12:19.0466 0x1698 IEEtwCollectorService - ok 14:12:19.0466 0x1698 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 14:12:19.0482 0x1698 iirsp - ok 14:12:19.0497 0x1698 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 14:12:19.0544 0x1698 IKEEXT - ok 14:12:19.0638 0x1698 [ 
F121B8C45FE6550D9E2DBC40C0A2E408, 08010538C876ABA196C546D603893339E7A117B5F98C0C2AF9451B627EEB4FE7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 14:12:19.0700 0x1698 IntcAzAudAddService - ok 14:12:19.0747 0x1698 [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 14:12:19.0763 0x1698 Intel(R) Capability Licensing Service TCP IP Interface - ok 14:12:19.0794 0x1698 [ 87DD7CC57949A67176C666602563776B, BE4FEE53C5C048EBED825AC6ADD65912744DD6EA954561D9A38A151FE669C252 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe 14:12:19.0809 0x1698 Intel(R) PROSet Monitoring Service - ok 14:12:19.0825 0x1698 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 14:12:19.0841 0x1698 intelide - ok 14:12:19.0841 0x1698 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 14:12:19.0841 0x1698 intelppm - ok 14:12:19.0856 0x1698 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 14:12:19.0903 0x1698 IPBusEnum - ok 14:12:19.0903 0x1698 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:12:19.0919 0x1698 IpFilterDriver - ok 14:12:19.0965 0x1698 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 14:12:20.0028 0x1698 iphlpsvc - ok 14:12:20.0028 0x1698 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 
14:12:20.0028 0x1698 IPMIDRV - ok 14:12:20.0043 0x1698 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 14:12:20.0059 0x1698 IPNAT - ok 14:12:20.0106 0x1698 [ 57A85230DA22ABCFD9AF2E5A3D946F41, 9E9217FF5AB64D06D79632B9F9CEDABA10F744C40896D7622D0FD397FD0E99BF ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 14:12:20.0121 0x1698 iPod Service - ok 14:12:20.0121 0x1698 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 14:12:20.0137 0x1698 IRENUM - ok 14:12:20.0137 0x1698 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 14:12:20.0153 0x1698 isapnp - ok 14:12:20.0168 0x1698 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 14:12:20.0184 0x1698 iScsiPrt - ok 14:12:20.0199 0x1698 [ 45392E76EE30DC9C8F0181C785F0BA48, 7FB522E1AA9B877B9FB1A29C2ADC42EA794E8864AD2411AD275F00F00547F8F3 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 14:12:20.0199 0x1698 iusb3hcs - ok 14:12:20.0215 0x1698 [ C6E8FB7FF41877378CCB30DE6E9941DF, CA808A00C0CC21C1C7BE54F0D1E5D3F24C0032BE821C064E0A63901F20F3C6BC ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 14:12:20.0231 0x1698 iusb3hub - ok 14:12:20.0262 0x1698 [ 6FBA980433B2B21604CE990FBF542D3F, ACB35A5558DD9EF9A339C9D061207AF5527D3AEFC9AC99AB6CFBA1CE92F8B62D ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 14:12:20.0277 0x1698 iusb3xhc - ok 14:12:20.0309 0x1698 [ 0B93A01F786F37A4B1EDE84E639FFF10, 8747109A2FA2B80C8C5F5B6D2372C1B0DA4F4BF9DC1D551195ADF0715C260223 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 14:12:20.0324 0x1698 jhi_service - ok 14:12:20.0324 0x1698 [ 
BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 14:12:20.0324 0x1698 kbdclass - ok 14:12:20.0324 0x1698 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 14:12:20.0340 0x1698 kbdhid - ok 14:12:20.0355 0x1698 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe 14:12:20.0355 0x1698 KeyIso - ok 14:12:20.0402 0x1698 [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 14:12:20.0418 0x1698 kl1 - ok 14:12:20.0433 0x1698 [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\Windows\system32\DRIVERS\klbackupdisk.sys 14:12:20.0433 0x1698 klbackupdisk - ok 14:12:20.0465 0x1698 [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt C:\Windows\system32\DRIVERS\klbackupflt.sys 14:12:20.0480 0x1698 klbackupflt - ok 14:12:20.0496 0x1698 [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys 14:12:20.0496 0x1698 kldisk - ok 14:12:20.0527 0x1698 [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 14:12:20.0543 0x1698 klflt - ok 14:12:20.0558 0x1698 [ C62B714428FD30DD7B3115566C3F470B, 991CA0FCA02D744BAB29FF3F0029BC99EF85C7D8B8024EF5EF51589639191B05 ] klhk C:\Windows\system32\DRIVERS\klhk.sys 14:12:20.0574 0x1698 klhk - ok 14:12:20.0605 0x1698 [ DFF69C0DB50E1211E82541835448A1CE, 9EE94CCE492262F79B5AF8D9BF9B3F1AA62645465F537EE734F66832BDB67166 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 14:12:20.0636 
0x1698 KLIF - ok 14:12:20.0652 0x1698 [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 14:12:20.0667 0x1698 KLIM6 - ok 14:12:20.0683 0x1698 [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 14:12:20.0699 0x1698 klkbdflt - ok 14:12:20.0699 0x1698 [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 14:12:20.0714 0x1698 klmouflt - ok 14:12:20.0730 0x1698 [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 14:12:20.0745 0x1698 klpd - ok 14:12:20.0745 0x1698 [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 14:12:20.0761 0x1698 kltdi - ok 14:12:20.0777 0x0c34 Object send P2P result: true 14:12:20.0777 0x1698 [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys 14:12:20.0792 0x1698 Klwtp - ok 14:12:20.0808 0x1698 [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 14:12:20.0823 0x1698 kneps - ok 14:12:20.0839 0x1698 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 14:12:20.0855 0x1698 KSecDD - ok 14:12:20.0870 0x1698 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 14:12:20.0870 0x1698 KSecPkg - ok 14:12:20.0886 0x1698 [ 6869281E78CB31A43E969F06B57347C4, 
866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 14:12:20.0901 0x1698 ksthunk - ok 14:12:20.0933 0x1698 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 14:12:20.0948 0x1698 KtmRm - ok 14:12:20.0979 0x1698 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 14:12:21.0011 0x1698 LanmanServer - ok 14:12:21.0042 0x1698 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 14:12:21.0073 0x1698 LanmanWorkstation - ok 14:12:21.0120 0x1698 [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 14:12:21.0135 0x1698 LGBusEnum - ok 14:12:21.0182 0x1698 [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys 14:12:21.0182 0x1698 LGCoreTemp - ok 14:12:21.0198 0x1698 [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore C:\Windows\system32\drivers\LGJoyXlCore.sys 14:12:21.0213 0x1698 LGJoyXlCore - ok 14:12:21.0229 0x1698 [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 14:12:21.0245 0x1698 LGVirHid - ok 14:12:21.0260 0x1698 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 14:12:21.0291 0x1698 lltdio - ok 14:12:21.0338 0x1698 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc 
C:\Windows\System32\lltdsvc.dll 14:12:21.0385 0x1698 lltdsvc - ok 14:12:21.0385 0x1698 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:12:21.0432 0x1698 lmhosts - ok 14:12:21.0494 0x1698 [ C31139E0907170E2A3FA8D19DCC23D35, C504E93D2018E9E487A428483C646C67B4ECE122560CF0FA49A1626E1509EEAE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 14:12:21.0494 0x1698 LMS - ok 14:12:21.0510 0x1698 [ 7E74CE69AEF2F66F037E9000AF1209FB, AF5407AB507EB5F01167D4EFA0B235510F26287159C4594FB3B9CB2D086BDD6E ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe 14:12:21.0525 0x1698 LogiRegistryService - ok 14:12:21.0541 0x1698 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 14:12:21.0541 0x1698 LSI_FC - ok 14:12:21.0557 0x1698 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 14:12:21.0557 0x1698 LSI_SAS - ok 14:12:21.0557 0x1698 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 14:12:21.0572 0x1698 LSI_SAS2 - ok 14:12:21.0572 0x1698 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 14:12:21.0572 0x1698 LSI_SCSI - ok 14:12:21.0588 0x1698 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 14:12:21.0619 0x1698 luafv - ok 14:12:21.0681 0x1698 [ 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849, 80E571FEE4373E4AF487176C9265FB89912739E961C47880A60115BD50638AEA ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys 14:12:21.0681 
0x1698 mbamchameleon - ok 14:12:21.0728 0x1698 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 14:12:21.0728 0x1698 MBAMProtector - ok 14:12:21.0806 0x1698 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 14:12:21.0837 0x1698 MBAMScheduler - ok 14:12:21.0853 0x1698 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 14:12:21.0884 0x1698 MBAMService - ok 14:12:21.0900 0x1698 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 14:12:21.0915 0x1698 MBAMSwissArmy - ok 14:12:21.0931 0x1698 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 14:12:21.0931 0x1698 MBAMWebAccessControl - ok 14:12:21.0947 0x1698 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:12:21.0962 0x1698 Mcx2Svc - ok 14:12:21.0962 0x1698 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 14:12:21.0962 0x1698 megasas - ok 14:12:21.0978 0x1698 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 14:12:21.0993 0x1698 MegaSR - ok 14:12:22.0040 0x1698 [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 14:12:22.0040 0x1698 MEIx64 - ok 
14:12:22.0056 0x1698 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 14:12:22.0087 0x1698 MMCSS - ok 14:12:22.0087 0x1698 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 14:12:22.0118 0x1698 Modem - ok 14:12:22.0134 0x1698 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:12:22.0149 0x1698 monitor - ok 14:12:22.0149 0x1698 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:12:22.0165 0x1698 mouclass - ok 14:12:22.0181 0x1698 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:12:22.0212 0x1698 mouhid - ok 14:12:22.0243 0x1698 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:12:22.0243 0x1698 mountmgr - ok 14:12:22.0290 0x1698 [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:12:22.0305 0x1698 MozillaMaintenance - ok 14:12:22.0305 0x1698 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 14:12:22.0321 0x1698 mpio - ok 14:12:22.0321 0x1698 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:12:22.0337 0x1698 mpsdrv - ok 14:12:22.0368 0x1698 [ 54FFC9C8898113ACE189D4AA7199D2C1, 
65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:12:22.0399 0x1698 MpsSvc - ok 14:12:22.0415 0x1698 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:12:22.0446 0x1698 MRxDAV - ok 14:12:22.0477 0x1698 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:12:22.0493 0x1698 mrxsmb - ok 14:12:22.0539 0x1698 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:12:22.0539 0x1698 mrxsmb10 - ok 14:12:22.0586 0x1698 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:12:22.0586 0x1698 mrxsmb20 - ok 14:12:22.0602 0x1698 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 14:12:22.0617 0x1698 msahci - ok 14:12:22.0617 0x1698 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:12:22.0633 0x1698 msdsm - ok 14:12:22.0633 0x1698 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 14:12:22.0649 0x1698 MSDTC - ok 14:12:22.0680 0x1698 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:12:22.0695 0x1698 Msfs - ok 14:12:22.0695 0x1698 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:12:22.0727 0x1698 mshidkmdf - ok 14:12:22.0727 0x1698 [ 
D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:12:22.0727 0x1698 msisadrv - ok 14:12:22.0742 0x1698 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:12:22.0789 0x1698 MSiSCSI - ok 14:12:22.0789 0x1698 msiserver - ok 14:12:22.0805 0x1698 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:12:22.0851 0x1698 MSKSSRV - ok 14:12:22.0883 0x1698 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:12:22.0898 0x1698 MSPCLOCK - ok 14:12:22.0898 0x1698 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:12:22.0914 0x1698 MSPQM - ok 14:12:22.0929 0x1698 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:12:22.0929 0x1698 MsRPC - ok 14:12:22.0945 0x1698 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 14:12:22.0945 0x1698 mssmbios - ok 14:12:22.0945 0x1698 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:12:22.0992 0x1698 MSTEE - ok 14:12:22.0992 0x1698 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 14:12:22.0992 0x1698 MTConfig - ok 14:12:23.0007 0x1698 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup 
C:\Windows\system32\Drivers\mup.sys 14:12:23.0007 0x1698 Mup - ok 14:12:23.0039 0x1698 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 14:12:23.0085 0x1698 napagent - ok 14:12:23.0117 0x1698 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:12:23.0148 0x1698 NativeWifiP - ok 14:12:23.0179 0x1698 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 14:12:23.0210 0x1698 NDIS - ok 14:12:23.0226 0x1698 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:12:23.0241 0x1698 NdisCap - ok 14:12:23.0257 0x1698 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:12:23.0273 0x1698 NdisTapi - ok 14:12:23.0273 0x1698 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:12:23.0304 0x1698 Ndisuio - ok 14:12:23.0304 0x1698 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:12:23.0319 0x1698 NdisWan - ok 14:12:23.0319 0x1698 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:12:23.0351 0x1698 NDProxy - ok 14:12:23.0351 0x1698 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:12:23.0366 0x1698 NetBIOS - ok 14:12:23.0366 0x1698 [ 09594D1089C523423B32A4229263F068, 
7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:12:23.0397 0x1698 NetBT - ok 14:12:23.0397 0x1698 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe 14:12:23.0413 0x1698 Netlogon - ok 14:12:23.0429 0x1698 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 14:12:23.0460 0x1698 Netman - ok 14:12:23.0491 0x1698 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:12:23.0507 0x1698 NetMsmqActivator - ok 14:12:23.0522 0x1698 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:12:23.0538 0x1698 NetPipeActivator - ok 14:12:23.0538 0x1698 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 14:12:23.0569 0x1698 netprofm - ok 14:12:23.0569 0x1698 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:12:23.0585 0x1698 NetTcpActivator - ok 14:12:23.0585 0x1698 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:12:23.0585 0x1698 NetTcpPortSharing - ok 14:12:23.0600 0x1698 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 14:12:23.0600 0x1698 nfrd960 - ok 14:12:23.0631 0x1698 [ 8B301D474B478E9A92823BAB50A7BC49, 
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 14:12:32.0523 0x1698 RTHDVCPL - ok 14:12:32.0586 0x1698 [ F14327BA386AAA2246585BFADD8FE8E8, 2804D7985B116C808942B4501362D4F4BAE4B540E9A6AC9B176B30DD448BA5AC ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 14:12:32.0586 0x1698 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 14:12:35.0285 0x1698 Detect skipped due to KSN trusted 14:12:35.0285 0x1698 IAStorIcon - ok 14:12:35.0316 0x1698 [ B2B879C0BA746CBB6A97212D8B5908B9, 6B38EB19064746EF42B6DABE754361377D6A460FD8E4C6B619EF4DD659F7357B ] C:\Program Files\SmartTechnology\Software\ProfilerU.exe 14:12:35.0347 0x1698 ProfilerU - detected UnsignedFile.Multi.Generic ( 1 ) 14:12:38.0046 0x1698 Detect skipped due to KSN trusted 14:12:38.0046 0x1698 ProfilerU - ok 14:12:38.0061 0x1698 [ 3371D09E5A75889B1CFAF8C05CAFC3B8, 1CAA518BDFB69062355CD10611076E3DF9196DEB7C49EA11F0F2ADDA3DA1F79F ] C:\Program Files\SmartTechnology\Software\SaiMfd.exe 14:12:38.0093 0x1698 SaiMfd - detected UnsignedFile.Multi.Generic ( 1 ) 14:12:40.0791 0x1698 Detect skipped due to KSN trusted 14:12:40.0791 0x1698 SaiMfd - ok 14:12:41.0072 0x1698 [ D187A411C9C34F80B4D3AAB97CDB3C0A, 9406914A72D09B0090A263D03AD0E3006C3A30EDBEF0B87C062010AEF2D86B75 ] C:\Program Files\Logitech Gaming Software\LCore.exe 14:12:41.0259 0x1698 Launch LCore - ok 14:12:41.0291 0x1698 [ 1A1D341FB9AB19B8C70F0CD937341039, D28C09BC1093177B4171A40AE2654B68076A8E9402E233436D0100A632BBECB5 ] C:\Program Files\Saitek\VolumeTracker\SaiVolume.exe 14:12:41.0291 0x1698 SaiVolume - detected UnsignedFile.Multi.Generic ( 1 ) 14:12:44.0036 0x1698 Detect skipped due to KSN trusted 14:12:44.0036 0x1698 SaiVolume - ok 14:12:44.0052 0x1698 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 14:12:44.0067 0x1698 Logitech Download Assistant - ok 14:12:44.0099 0x1698 [ 6D44DE61A0BC7EE359D65992665C6432, 
5A3C2D57A293B9BDD7CB1A4AA0ACF19374866F8A88EF132E350E5973CB4F7662 ] C:\Program Files\iTunes\iTunesHelper.exe 14:12:44.0099 0x1698 iTunesHelper - ok 14:12:44.0130 0x1698 [ E4E7B29D050F5480071984FE6543C311, 9A4D8D1702AE74AB4FE4367EAF4AD6500F59D4F25B3CCACE3EF07613B7B5853C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 14:12:44.0130 0x1698 USB3MON - ok 14:12:44.0208 0x1698 [ 917FA16911C16E4D68DB45CD03AF1451, 96F66DD6E109D36AC35137CA719935A7F560DFC87D59153FD4BC934C541390BB ] C:\Program Files (x86)\Logitech\G930\G930.exe 14:12:44.0239 0x1698 Logitech G930 - ok 14:12:44.0301 0x1698 [ D7E6D36154C501ED85D6D0D6307F8789, 534097DEB7247DD1694C9CE45D30F859D390272414B586A625FCB93C925955F7 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 14:12:44.0317 0x1698 StartCCC - ok 14:12:44.0364 0x1698 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 14:12:44.0426 0x1698 Sidebar - ok 14:12:44.0442 0x1698 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 14:12:44.0457 0x1698 mctadmin - ok 14:12:44.0489 0x1698 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 14:12:44.0504 0x1698 Sidebar - ok 14:12:44.0504 0x1698 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 14:12:44.0520 0x1698 mctadmin - ok 14:12:44.0535 0x1698 HydraVisionDesktopManager - ok 14:12:44.0551 0x1698 [ DB4863AF58F4D707AF273300A4D0FCBE, B6A18CC80FA552812842045A346583176F1D1F48D7DC9E9BAB9E874605DCC1A9 ] C:\AdwCleaner\AdwCleaner[C1].txt 14:12:44.0660 0x1698 Report - detected UnsignedFile.Multi.Generic ( 1 ) 14:12:47.0406 0x1698 Report ( UnsignedFile.Multi.Generic ) - warning 
14:12:56.0937 0x1698 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
14:12:56.0953 0x1698 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
14:12:59.0667 0x1698 ============================================================
14:12:59.0667 0x1698 Scan finished
14:12:59.0667 0x1698 ============================================================
14:12:59.0667 0x17f8 Detected object count: 1
14:12:59.0667 0x17f8 Actual detected object count: 1
14:13:55.0672 0x17f8 Report ( UnsignedFile.Multi.Generic ) - skipped by user
14:13:55.0672 0x17f8 Report ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:14:48.0744 0x1258 Deinitialize success
Kind regards, Currufin |
05.12.2015, 21:58 | #4 |
/// the machine /// TB trainer | Please run Windows Repair: Repairing Windows - how it's done - Guides
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donate. Guides and help. Trojaner-Board Facebook page. No help via PM! |
06.12.2015, 09:06 | #5 |
| Hello Schrauber, thank you very much for the message. I carried out everything according to the guide. No problems came up. Then came the restart, and shutting down still took extremely long. After the restart I went to the admin profile and updated the Kaspersky database. Everything OK so far. I restarted again, and shutdown was again extremely slow (3-4 minutes). When I then logged in as the standard user, I got the following message from Malwarebytes: "Malwarebytes was unable to load the anti-rootkit DDA driver. This error may be caused by rootkit activity. Do you want to restart the system and try to install the driver? (If you do not restart, the anti-rootkit scan will be disabled for this session.)" Then the "Yes" and "No" buttons. I have left everything as it is and have not clicked anything yet. I don't want to do anything wrong. What should I do now? And many thanks again for your kind help! Best regards, Currufin |
07.12.2015, 16:00 | #6 |
/// the machine /// TB trainer | Please uninstall MBAM and KAV. |
08.12.2015, 18:20 | #7 |
| Dear Schrauber, thank you so much for the help! Unfortunately I ended up having to reinstall the system after all, because a hardware change came up as well and I simply need to be able to work on it safely; I am under time pressure at the moment. But I was able to back up my important data, and I owe that to you! How do you say thank you to someone who has probably heard it from tens of thousands of people already, in a way that still brings him joy? Since I don't know, simply THANK YOU! Many heartfelt thanks. And praise for the many great guides here on the board! They made everything much easier for me. Wishing you a wonderful Christmas in advance!!! Warmest regards, Currufin |
10.12.2015, 12:15 | #8 |
/// Selecta Jahrusso | Glad we could help. (note for the team)
__________________ Regards, Daniel. ASAP & UNITE Member. Alliance of Security Analysis Professionals. Unified Network of Instructors and Trusted Eliminators. Learn to fight back and support us! TB Akademie |