| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: RundumcheckWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.12.2015, 18:46
| #1 |
| |  Rundumcheck Hallo! Ich hatte letzte Woche ein paar Probleme mit meinem Antivirenprogramm (Norton 360). Hauptgrund für meine Besorgnis ist, dass es bei einem Systemstart einfach nicht mitgestartet ist (es lief auch kein Prozess im Hintergrund, der zu Norton gehört). Nach einem Neustart lief dann alles wieder normal. Seitdem hatte ich immer wieder den Fall, dass Norton beim Systemstart erheblich länger brauchte als alle anderen Programme, um zu starten. Allerdings hat sich auch das inzwischen wieder normalisiert. Scans von mbam und Norton haben beide keine Funde geliefert. Ein ungutes Gefühl bleibt mir allerdings, vor allem da ich in solchen Bereichen meist sehr vorsichtig (ok, paranoid trifft es vielleicht eher) bin. Daher wäre ich sehr dankbar, wenn mir jemand bei einem "Rundumcheck" (evtl. mit Rootkit-Scan?) von meinem System helfen könnte. FRST-Scan habe ich bereits gemacht, leider ist die Addition.txt sowohl bezüglich der Zeichengrenze zu groß, als auch bezüglich der Anhangsgröße für txt, deswegen habe ich sie in zwei Dokumente gesplittet. Grüße, Felix Logs: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von ******* (Administrator) auf VESSNAR (20-12-2015 18:10:24)
Gestartet von C:\Users\*******\Desktop
Geladene Profile: ******* (Verfügbare Profile: *******)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.17\AsusFanControlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [735744 2013-02-27] (Creative Technology Ltd)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [13253952 2015-11-17] (Corsair Components, Inc.)
HKU\S-1-5-21-3912806440-3427432520-2885912131-1000\...\MountPoints2: {bf7cb2ed-3f1e-11e3-8b48-74d02b25f13c} - F:\pushinst.exe
HKU\S-1-5-18\...\Run: [CtxfiReg] => CTXFIREG.exe /FAIL1
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3526D6E8-20AC-4671-BE1C-964C54141690}: [DhcpNameServer] 10.77.0.254
Tcpip\..\Interfaces\{D2E1D197-871E-4505-99DF-337FE653F2F4}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3912806440-3427432520-2885912131-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\rzi1zg4r.default
FF Homepage: file:///E:/Backup/*******/Documents/firefox/starting%20page.html
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [2013-11-12] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-18] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-30] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\rzi1zg4r.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09]
FF Extension: Adblock Plus - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\rzi1zg4r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-25]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-25]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.17\AsusFanControlService.exe [381824 2012-08-28] (ASUSTeK Computer Inc.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112640 2013-05-22] (Creative Technology Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2015-01-11] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-12-13] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-08-30] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-09-06] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20151218.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R3 CorsairVBusDriver; C:\Windows\System32\DRIVERS\CorsairVBusDriver.sys [47840 2015-09-28] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\DRIVERS\CorsairVHidDriver.sys [21728 2015-09-28] (Corsair)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1060632 2013-05-22] (Creative Technology Ltd)
R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [33560 2013-05-22] (Creative Technology Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20151218.001\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-09-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151220.001\ENG64.SYS [138488 2015-12-01] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151220.001\EX64.SYS [2148080 2015-12-01] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-22] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
S3 CT20XUT; system32\drivers\CT20XUT.SYS [X]
S3 CT20XUT.SYS; \SystemRoot\System32\drivers\CT20XUT.SYS [X]
S3 ctac32k; system32\drivers\ctac32k.sys [X]
S3 ctaud2k; system32\drivers\ctaud2k.sys [X]
S3 CTEXFIFX; system32\drivers\CTEXFIFX.SYS [X]
S3 CTEXFIFX.SYS; \SystemRoot\System32\drivers\CTEXFIFX.SYS [X]
S3 CTHWIUT; system32\drivers\CTHWIUT.SYS [X]
S3 CTHWIUT.SYS; \SystemRoot\System32\drivers\CTHWIUT.SYS [X]
S3 ctprxy2k; system32\drivers\ctprxy2k.sys [X]
S3 emupia; system32\drivers\emupia2k.sys [X]
S3 ha20x22k; system32\drivers\ha20x22k.sys [X]
S3 ha20x2k; system32\drivers\ha20x2k.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-20 18:10 - 2015-12-20 18:10 - 00021489 _____ C:\Users\*******\Desktop\FRST.txt
2015-12-20 17:04 - 2015-12-20 17:07 - 00000000 ____D C:\Users\*******\Desktop\FRST-OlderVersion
2015-12-20 16:04 - 2015-12-20 18:10 - 00000000 ____D C:\FRST
2015-12-20 16:02 - 2015-12-20 17:07 - 02370560 _____ (Farbar) C:\Users\*******\Desktop\FRST64.exe
2015-12-19 20:34 - 2015-12-19 20:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-12-19 20:34 - 2015-12-19 20:34 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-19 20:31 - 2015-12-19 20:31 - 82474680 _____ (Adobe Systems Incorporated) C:\Users\*******\Downloads\AcroRdrDC1500920069_de_DE.exe
2015-12-19 00:50 - 2015-12-19 00:50 - 00000000 ____D C:\Users\*******\AppData\LocalLow\Simogo
2015-12-18 22:00 - 2015-12-19 16:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-15 15:45 - 2015-12-16 00:13 - 00021558 _____ C:\Windows\ntbtlog.txt
2015-12-14 15:36 - 2015-12-14 15:36 - 00023592 _____ C:\Users\*******\Downloads\Der Heiland ist geboren.pdf
2015-12-12 23:55 - 2015-12-12 23:55 - 00000000 ____D C:\Users\*******\Documents\Outlook-Dateien
2015-12-08 19:42 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-08 19:42 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-08 19:42 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-08 19:42 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-08 19:42 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-08 19:42 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-08 19:42 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-08 19:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-08 19:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-08 19:42 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-08 19:42 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-08 19:42 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-08 19:42 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-08 19:42 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-08 19:42 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-08 19:42 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-08 19:42 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-08 19:42 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-08 19:42 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-08 19:42 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-08 19:42 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-08 19:42 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-08 19:42 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-08 19:42 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-08 19:42 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-08 19:42 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-08 19:42 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-08 19:42 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-08 19:42 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-08 19:42 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-08 19:42 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-08 19:42 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-08 19:42 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-08 19:42 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-08 19:42 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-08 19:42 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-08 19:42 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-08 19:42 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-08 19:42 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-08 19:42 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-08 19:42 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-08 19:42 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-08 19:42 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-08 19:42 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-08 19:42 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-08 19:42 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-08 19:42 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-08 19:42 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-08 19:42 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-08 19:42 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-08 19:42 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-08 19:42 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-08 19:42 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-08 19:42 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-08 19:42 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-08 19:42 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-08 19:42 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-08 19:42 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-08 19:42 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-08 19:42 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-08 19:42 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-08 19:42 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-08 19:42 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-08 19:42 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-08 19:42 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-08 19:42 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-08 19:42 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-08 19:42 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-08 19:42 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-08 19:42 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-08 19:42 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-08 19:42 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-08 19:42 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-08 19:42 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-08 19:42 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-08 19:42 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-08 19:42 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-08 19:42 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-08 19:42 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-08 19:42 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-08 19:42 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-08 19:42 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-08 19:42 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-08 19:42 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-08 19:42 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-08 19:42 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-08 19:42 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-08 19:42 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-08 19:42 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-08 19:42 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-08 19:42 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-08 19:42 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-08 19:42 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-08 19:42 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-08 19:42 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-08 19:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-08 19:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-08 19:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-08 19:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-08 19:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-08 19:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-08 19:42 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-08 19:42 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-08 19:42 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-08 19:41 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-08 19:41 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-08 19:41 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-08 19:41 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-08 19:41 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 14:58 - 2015-12-08 14:58 - 00021081 _____ C:\Users\*******\Downloads\Weihnachtslieder.pdf
2015-12-01 22:33 - 2015-12-01 22:34 - 00675632 _____ C:\Windows\Minidump\120115-29328-01.dmp
2015-12-01 21:38 - 2015-12-01 21:38 - 18220192 _____ (Adobe Systems Inc.) C:\Users\*******\Downloads\AdobeAIRInstaller.exe
2015-11-30 21:37 - 2015-11-30 21:37 - 00000000 ____D C:\Users\*******\AppData\Roaming\Ice-Pick Lodge
2015-11-29 23:54 - 2015-11-29 23:54 - 00000000 ____D C:\Users\*******\Documents\fallout 3 ini backup
2015-11-29 22:04 - 2015-11-29 22:04 - 00000000 ____D C:\Windows\SysWOW64\xlive
2015-11-29 22:04 - 2015-11-29 22:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-11-29 17:10 - 2015-11-29 21:25 - 00000000 ____D C:\Users\*******\AppData\Local\Fallout3
2015-11-29 02:41 - 2015-11-29 03:03 - 00000820 _____ C:\Windows\system32\DVCState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2015-11-28 21:15 - 2015-11-28 21:15 - 00000000 ____D C:\Users\*******\AppData\Roaming\Smart Recorder
2015-11-28 21:14 - 2015-11-28 21:14 - 00000000 ____D C:\Users\*******\AppData\Roaming\Creative
2015-11-28 20:35 - 2015-11-29 02:41 - 00062240 _____ C:\Windows\system32\BMXStateBkp-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2015-11-28 20:34 - 2015-11-29 02:40 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2015-11-28 20:33 - 2015-11-29 03:03 - 00000000 ____D C:\Windows\SysWOW64\Data
2015-11-28 20:33 - 2015-11-29 03:03 - 00000000 ____D C:\Windows\system32\Data
2015-11-28 20:33 - 2007-09-13 18:05 - 00002560 _____ () C:\Windows\system32\CTXFIGER.DLL
2015-11-28 20:33 - 2007-09-13 03:05 - 00002560 _____ () C:\Windows\SysWOW64\CTXFIGER.DLL
2015-11-28 20:33 - 2004-07-30 14:46 - 00020480 _____ (Creative Technology Limited) C:\Windows\SysWOW64\INRESGER.DLL
2015-11-27 16:27 - 2015-11-27 16:27 - 00000000 ____D C:\Users\*******\AppData\Roaming\Corsair
2015-11-27 16:27 - 2015-11-27 16:27 - 00000000 ____D C:\Users\*******\AppData\Local\Corsair
2015-11-27 16:26 - 2015-11-27 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2015-11-27 16:26 - 2015-11-27 16:26 - 00000000 ____D C:\Program Files (x86)\Corsair
2015-11-27 16:22 - 2015-11-27 16:22 - 00000000 ____D C:\Users\*******\Downloads\Corsair-Utility-Engine-v1.12.75
2015-11-27 16:21 - 2015-11-27 16:22 - 59659068 _____ C:\Users\*******\Downloads\Corsair-Utility-Engine-v1.12.75.zip
2015-11-26 17:19 - 2015-11-26 17:19 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2015-11-26 17:13 - 2015-11-26 17:13 - 00003206 _____ C:\Windows\System32\Tasks\Norton WSC Integration
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-20 17:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-20 17:08 - 2014-05-16 19:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-20 15:29 - 2013-10-27 20:29 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-20 14:05 - 2009-07-14 05:45 - 00030880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-20 14:05 - 2009-07-14 05:45 - 00030880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-20 13:55 - 2011-04-12 08:43 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-12-20 13:55 - 2011-04-12 08:43 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-12-20 13:55 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-20 13:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-20 13:54 - 2015-07-31 13:27 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2015-12-20 13:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-20 01:23 - 2013-11-17 16:49 - 00000000 ____D C:\Users\*******\AppData\Roaming\TS3Client
2015-12-19 20:35 - 2014-08-25 15:47 - 00000000 ____D C:\Users\*******\AppData\Local\Adobe
2015-12-19 20:34 - 2014-12-25 15:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-12-19 20:23 - 2013-10-27 20:54 - 00000000 ____D C:\ProgramData\Adobe
2015-12-19 19:08 - 2013-11-04 23:59 - 00000000 ____D C:\Users\*******\Documents\Gamesaves
2015-12-19 19:08 - 2013-11-04 23:56 - 00000000 ____D C:\Users\*******\Documents\games
2015-12-19 16:06 - 2013-11-06 18:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-19 01:40 - 2013-10-28 20:06 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-18 21:47 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media
2015-12-18 02:29 - 2015-04-05 01:31 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 02:29 - 2015-04-05 01:31 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-16 22:07 - 2013-11-06 17:50 - 00000000 ____D C:\Users\*******\AppData\Local\NPE
2015-12-16 17:34 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-16 16:41 - 2013-12-14 14:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-12-16 16:30 - 2013-12-14 14:29 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-15 15:46 - 2014-05-13 13:44 - 00000000 ____D C:\NPE
2015-12-15 15:40 - 2014-04-27 14:48 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-15 15:39 - 2014-04-27 14:47 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-12-13 00:05 - 2013-11-05 00:00 - 00000000 ____D C:\Users\*******\Documents\University
2015-12-12 23:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 00:16 - 2013-11-13 20:11 - 00000456 _____ C:\Users\*******\Desktop\bestellliste.txt
2015-12-09 14:13 - 2009-07-14 05:45 - 00435408 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 00:53 - 2013-10-27 18:19 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 00:50 - 2013-10-27 18:19 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-06 19:36 - 2013-10-27 20:59 - 00000000 ____D C:\ProgramData\Origin
2015-12-03 16:46 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-03 16:39 - 2013-10-27 20:59 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-01 22:33 - 2013-10-27 22:59 - 1227878191 _____ C:\Windows\MEMORY.DMP
2015-12-01 22:33 - 2013-10-27 22:59 - 00000000 ____D C:\Windows\Minidump
2015-11-30 21:06 - 2014-10-24 16:31 - 00003353 _____ C:\Users\*******\Desktop\cart.txt
2015-11-29 17:09 - 2013-10-31 16:57 - 00000000 ____D C:\Users\*******\Documents\my games
2015-11-29 03:04 - 2013-11-16 16:13 - 00000000 ____D C:\Program Files (x86)\Creative
2015-11-29 03:03 - 2013-11-16 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-11-29 03:03 - 2013-11-16 16:13 - 00000078 ___RH C:\Windows\ctfile.rfc
2015-11-29 03:02 - 2013-11-16 16:17 - 00000000 ____D C:\ProgramData\Creative
2015-11-29 03:01 - 2013-10-27 16:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-26 17:14 - 2013-10-27 16:47 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2015-11-26 17:13 - 2015-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-11-26 17:13 - 2015-08-22 17:12 - 00002239 _____ C:\Users\Public\Desktop\Norton 360 Online.LNK
2015-11-24 21:03 - 2013-10-27 21:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-11-24 13:08 - 2014-05-16 19:48 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-01-05 21:00 - 2015-01-07 21:22 - 0001474 _____ () C:\Users\*******\AppData\Roaming\SpeedRunnersLog.txt
2014-05-06 16:11 - 2014-05-06 16:11 - 0007679 _____ () C:\Users\*******\AppData\Local\Resmon.ResmonCfg
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\*******\AppData\Local\setup.txt
2013-10-30 18:38 - 2013-10-30 18:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-02 13:48 - 2014-11-03 13:48 - 0000032 ____R () C:\ProgramData\hash.dat
2015-10-17 22:00 - 2015-10-17 22:00 - 0000128 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\hash.dat
Einige Dateien in TEMP:
====================
C:\Users\*******\AppData\Local\Temp\OfficeSetup.exe
C:\Users\*******\AppData\Local\Temp\_is9C0F.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-12 23:02
==================== Ende von FRST.txt ============================
|
|
20.12.2015, 23:20
| #2 |
| /// Malwareteam  | Rundumcheck Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen. Bitte beachte, dass es ein paar Regeln gibt:
Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM! Können wir natürlich gern machen, aber ich tipp eher auf Bugs im Norton. Schritt # 1: TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Schritt # 2: Bitte Posten
__________________ |
|
21.12.2015, 16:04
| #3 |
| | Rundumcheck Hi!
__________________Schon mal vielen Dank für die Hilfe! Ich gehe inzwischen eigentlich auch von einem Problem von Norton aus, aber ich würde gerne einfach auf Nummer sicher gehen. Unten das TDSS-Killer-Log. Grüße, Felix Code:
ATTFilter 15:46:09.0209 0x1a70 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
15:46:09.0209 0x1a70 UEFI system
15:46:20.0804 0x1a70 ============================================================
15:46:20.0804 0x1a70 Current date / time: 2015/12/21 15:46:20.0804
15:46:20.0804 0x1a70 SystemInfo:
15:46:20.0804 0x1a70
15:46:20.0805 0x1a70 OS Version: 6.1.7601 ServicePack: 1.0
15:46:20.0805 0x1a70 Product type: Workstation
15:46:20.0805 0x1a70 ComputerName: VESSNAR
15:46:20.0805 0x1a70 UserName: *******
15:46:20.0805 0x1a70 Windows directory: C:\Windows
15:46:20.0805 0x1a70 System windows directory: C:\Windows
15:46:20.0805 0x1a70 Running under WOW64
15:46:20.0805 0x1a70 Processor architecture: Intel x64
15:46:20.0805 0x1a70 Number of processors: 8
15:46:20.0805 0x1a70 Page size: 0x1000
15:46:20.0805 0x1a70 Boot type: Normal boot
15:46:20.0805 0x1a70 ============================================================
15:46:22.0207 0x1a70 KLMD registered as C:\Windows\system32\drivers\90198966.sys
15:46:22.0450 0x1a70 System UUID: {76F1674E-7D55-3BBF-6370-B9D47FA7ADDB}
15:46:22.0862 0x1a70 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:46:22.0875 0x1a70 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:46:22.0879 0x1a70 ============================================================
15:46:22.0879 0x1a70 \Device\Harddisk1\DR1:
15:46:22.0880 0x1a70 MBR partitions:
15:46:22.0880 0x1a70 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
15:46:22.0880 0x1a70 \Device\Harddisk0\DR0:
15:46:22.0880 0x1a70 GPT partitions:
15:46:22.0880 0x1a70 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {865D392B-F8E8-4195-8381-5A8FFA763CF8}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
15:46:22.0880 0x1a70 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {8F08E43C-79C2-4537-8DD8-E2B4F9903B2E}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
15:46:22.0880 0x1a70 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1051247F-5162-44EA-A4E1-37E78128D072}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x1D153000
15:46:22.0880 0x1a70 MBR partitions:
15:46:22.0880 0x1a70 ============================================================
15:46:22.0894 0x1a70 C: <-> \Device\Harddisk0\DR0\Partition3
15:46:22.0955 0x1a70 E: <-> \Device\Harddisk1\DR1\Partition1
15:46:22.0956 0x1a70 ============================================================
15:46:22.0956 0x1a70 Initialize success
15:46:22.0956 0x1a70 ============================================================
15:47:32.0803 0x04e4 ============================================================
15:47:32.0803 0x04e4 Scan started
15:47:32.0803 0x04e4 Mode: Manual; SigCheck; TDLFS;
15:47:32.0803 0x04e4 ============================================================
15:47:32.0803 0x04e4 KSN ping started
15:47:35.0133 0x04e4 KSN ping finished: true
15:47:35.0737 0x04e4 ================ Scan system memory ========================
15:47:35.0737 0x04e4 System memory - ok
15:47:35.0737 0x04e4 ================ Scan services =============================
15:47:35.0813 0x04e4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:47:35.0874 0x04e4 1394ohci - ok
15:47:35.0892 0x04e4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:47:35.0904 0x04e4 ACPI - ok
15:47:35.0911 0x04e4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:47:35.0944 0x04e4 AcpiPmi - ok
15:47:36.0014 0x04e4 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:47:36.0021 0x04e4 AdobeARMservice - ok
15:47:36.0036 0x04e4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:47:36.0050 0x04e4 adp94xx - ok
15:47:36.0061 0x04e4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:47:36.0072 0x04e4 adpahci - ok
15:47:36.0080 0x04e4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:47:36.0089 0x04e4 adpu320 - ok
15:47:36.0110 0x04e4 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:47:36.0134 0x04e4 AeLookupSvc - ok
15:47:36.0158 0x04e4 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
15:47:36.0183 0x04e4 AFD - ok
15:47:36.0189 0x04e4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
15:47:36.0196 0x04e4 agp440 - ok
15:47:36.0211 0x04e4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
15:47:36.0235 0x04e4 ALG - ok
15:47:36.0247 0x04e4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
15:47:36.0253 0x04e4 aliide - ok
15:47:36.0255 0x04e4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
15:47:36.0261 0x04e4 amdide - ok
15:47:36.0268 0x04e4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:47:36.0277 0x04e4 AmdK8 - ok
15:47:36.0279 0x04e4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:47:36.0287 0x04e4 AmdPPM - ok
15:47:36.0297 0x04e4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:47:36.0305 0x04e4 amdsata - ok
15:47:36.0320 0x04e4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:47:36.0329 0x04e4 amdsbs - ok
15:47:36.0332 0x04e4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:47:36.0338 0x04e4 amdxata - ok
15:47:36.0356 0x04e4 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
15:47:36.0376 0x04e4 AppID - ok
15:47:36.0394 0x04e4 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:47:36.0401 0x04e4 AppIDSvc - ok
15:47:36.0422 0x04e4 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
15:47:36.0441 0x04e4 Appinfo - ok
15:47:36.0474 0x04e4 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:47:36.0481 0x04e4 Apple Mobile Device - ok
15:47:36.0495 0x04e4 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
15:47:36.0514 0x04e4 AppMgmt - ok
15:47:36.0522 0x04e4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
15:47:36.0530 0x04e4 arc - ok
15:47:36.0540 0x04e4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:47:36.0547 0x04e4 arcsas - ok
15:47:36.0571 0x04e4 [ EB6DC008A1F36DFD7999EB57E97EAACE, 2652798D622A751AD84429E03266F32B4EE86DECC34CA8153790D04F43E03A66 ] asahci64 C:\Windows\system32\DRIVERS\asahci64.sys
15:47:36.0582 0x04e4 asahci64 - ok
15:47:36.0644 0x04e4 [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
15:47:36.0662 0x04e4 asComSvc - ok
15:47:36.0687 0x04e4 [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
15:47:36.0712 0x04e4 asHmComSvc - ok
15:47:36.0768 0x04e4 [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
15:47:36.0774 0x04e4 AsIO - ok
15:47:36.0795 0x04e4 [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
15:47:36.0818 0x04e4 asmthub3 - ok
15:47:36.0831 0x04e4 [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
15:47:36.0852 0x04e4 asmtxhci - ok
15:47:36.0908 0x04e4 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:47:36.0916 0x04e4 aspnet_state - ok
15:47:36.0945 0x04e4 [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
15:47:36.0952 0x04e4 AsSysCtrlService - ok
15:47:36.0983 0x04e4 [ 1950CDC51BB7635740E446027E6FCDD4, 1BB0655C059F88560E8B9F044521F12C9FE1B93289AF99E937F985F33AB2693C ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.17\AsusFanControlService.exe
15:47:36.0994 0x04e4 AsusFanControlService - ok
15:47:37.0003 0x04e4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:47:37.0077 0x04e4 AsyncMac - ok
15:47:37.0092 0x04e4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
15:47:37.0099 0x04e4 atapi - ok
15:47:37.0116 0x04e4 [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
15:47:37.0126 0x04e4 atksgt - ok
15:47:37.0153 0x04e4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:47:37.0186 0x04e4 AudioEndpointBuilder - ok
15:47:37.0197 0x04e4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:47:37.0213 0x04e4 AudioSrv - ok
15:47:37.0236 0x04e4 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
15:47:37.0250 0x04e4 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
15:47:39.0570 0x04e4 Detect skipped due to KSN trusted
15:47:39.0570 0x04e4 AVM WLAN Connection Service - ok
15:47:39.0579 0x04e4 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
15:47:39.0585 0x04e4 avmeject - ok
15:47:39.0601 0x04e4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:47:39.0626 0x04e4 AxInstSV - ok
15:47:39.0655 0x04e4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:47:39.0673 0x04e4 b06bdrv - ok
15:47:39.0686 0x04e4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:47:39.0705 0x04e4 b57nd60a - ok
15:47:39.0714 0x04e4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
15:47:39.0730 0x04e4 BDESVC - ok
15:47:39.0737 0x04e4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
15:47:39.0763 0x04e4 Beep - ok
15:47:39.0791 0x04e4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
15:47:39.0819 0x04e4 BFE - ok
15:47:39.0897 0x04e4 [ 9CF4428D09C73B6F633AF9E58B835689, 173D1A8A3E1B1CA6D0E4773B048B8B6549A8124E87942992BDE30211BEFFBE20 ] BHDrvx64 C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20151218.001\BHDrvx64.sys
15:47:39.0925 0x04e4 BHDrvx64 - ok
15:47:39.0949 0x04e4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
15:47:40.0030 0x04e4 BITS - ok
15:47:40.0039 0x04e4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:47:40.0054 0x04e4 blbdrive - ok
15:47:40.0093 0x04e4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:47:40.0105 0x04e4 Bonjour Service - ok
15:47:40.0118 0x04e4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:47:40.0130 0x04e4 bowser - ok
15:47:40.0135 0x04e4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:47:40.0144 0x04e4 BrFiltLo - ok
15:47:40.0149 0x04e4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:47:40.0157 0x04e4 BrFiltUp - ok
15:47:40.0176 0x04e4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
15:47:40.0196 0x04e4 Browser - ok
15:47:40.0209 0x04e4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:47:40.0227 0x04e4 Brserid - ok
15:47:40.0233 0x04e4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:47:40.0243 0x04e4 BrSerWdm - ok
15:47:40.0245 0x04e4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:47:40.0254 0x04e4 BrUsbMdm - ok
15:47:40.0266 0x04e4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:47:40.0273 0x04e4 BrUsbSer - ok
15:47:40.0288 0x04e4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:47:40.0298 0x04e4 BTHMODEM - ok
15:47:40.0307 0x04e4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
15:47:40.0326 0x04e4 bthserv - ok
15:47:40.0375 0x04e4 [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys
15:47:40.0384 0x04e4 ccSet_N360 - ok
15:47:40.0392 0x04e4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:47:40.0420 0x04e4 cdfs - ok
15:47:40.0430 0x04e4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:47:40.0443 0x04e4 cdrom - ok
15:47:40.0458 0x04e4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
15:47:40.0480 0x04e4 CertPropSvc - ok
15:47:40.0489 0x04e4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
15:47:40.0499 0x04e4 circlass - ok
15:47:40.0524 0x04e4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
15:47:40.0536 0x04e4 CLFS - ok
15:47:40.0629 0x04e4 [ 7A36AD856A17AFB1EBAAD3C5BF1362A1, 9779501A2B733B6F2855E421115C0123AC3A67715E7E7C85ACED58939DC0883D ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
15:47:40.0672 0x04e4 ClickToRunSvc - ok
15:47:40.0708 0x04e4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:47:40.0716 0x04e4 clr_optimization_v2.0.50727_32 - ok
15:47:40.0739 0x04e4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:47:40.0746 0x04e4 clr_optimization_v2.0.50727_64 - ok
15:47:40.0785 0x04e4 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:47:40.0794 0x04e4 clr_optimization_v4.0.30319_32 - ok
15:47:40.0805 0x04e4 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:47:40.0814 0x04e4 clr_optimization_v4.0.30319_64 - ok
15:47:40.0825 0x04e4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:47:40.0835 0x04e4 CmBatt - ok
15:47:40.0847 0x04e4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:47:40.0853 0x04e4 cmdide - ok
15:47:40.0880 0x04e4 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
15:47:40.0896 0x04e4 CNG - ok
15:47:40.0909 0x04e4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:47:40.0916 0x04e4 Compbatt - ok
15:47:40.0930 0x04e4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:47:40.0944 0x04e4 CompositeBus - ok
15:47:40.0950 0x04e4 COMSysApp - ok
15:47:40.0968 0x04e4 [ 829FD68876F4B6484AAF85F1E98BE050, BF94C916A393E0D99DB9E49FB5B37649799EA494112FD7271D0EAC704751F799 ] CorsairVBusDriver C:\Windows\system32\DRIVERS\CorsairVBusDriver.sys
15:47:40.0975 0x04e4 CorsairVBusDriver - ok
15:47:40.0995 0x04e4 [ 407237341D4E3D27E987E4B78CAF5359, EBFD281D853D45016C67003B284C88FB4BB59B6ACE181E207CCC4A14449092BC ] CorsairVHidDriver C:\Windows\system32\DRIVERS\CorsairVHidDriver.sys
15:47:41.0000 0x04e4 CorsairVHidDriver - ok
15:47:41.0002 0x04e4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:47:41.0009 0x04e4 crcdisk - ok
15:47:41.0039 0x04e4 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:47:41.0059 0x04e4 CryptSvc - ok
15:47:41.0078 0x04e4 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
15:47:41.0096 0x04e4 CSC - ok
15:47:41.0113 0x04e4 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
15:47:41.0133 0x04e4 CscService - ok
15:47:41.0141 0x04e4 CT20XUT - ok
15:47:41.0149 0x04e4 CT20XUT.SYS - ok
15:47:41.0150 0x04e4 ctac32k - ok
15:47:41.0152 0x04e4 ctaud2k - ok
15:47:41.0179 0x04e4 [ 51D43B57EA8EFFE5CB1E27E01C100A2F, 68995F291422F2C5A2C9C4C673272754E3AC49ED53D6197675EB9E19028163C5 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
15:47:41.0195 0x04e4 CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
15:47:43.0514 0x04e4 Detect skipped due to KSN trusted
15:47:43.0514 0x04e4 CTAudSvcService - ok
15:47:43.0516 0x04e4 CTEXFIFX - ok
15:47:43.0517 0x04e4 CTEXFIFX.SYS - ok
15:47:43.0549 0x04e4 [ 8931FC44F1D9CFF0CC1557E4F762984B, 9A011556F7D6A5B29ECFD02474EF63A2F32D6815ACFE3EBAB58F21B6846E9864 ] cthda C:\Windows\system32\drivers\cthda.sys
15:47:43.0569 0x04e4 cthda - ok
15:47:43.0607 0x04e4 [ DAC49922B75957F76310B8E5A6C2995E, 0F46E12054148C0949D0AA6D5FFD74A2CD04493A9799F1632FC3672469DA41B2 ] CtHdaSvc C:\Windows\sysWow64\CtHdaSvc.exe
15:47:43.0621 0x04e4 CtHdaSvc - ok
15:47:43.0636 0x04e4 [ E74309AD2D54D98780B6B6018F41CAEB, 11F9B33679CEAB5D0BA38EB3B9DC26BA2EA18E4BD726DEF89FDB1DD3F369F467 ] cthdb C:\Windows\system32\DRIVERS\cthdb.sys
15:47:43.0642 0x04e4 cthdb - ok
15:47:43.0644 0x04e4 CTHWIUT - ok
15:47:43.0645 0x04e4 CTHWIUT.SYS - ok
15:47:43.0647 0x04e4 ctprxy2k - ok
15:47:43.0669 0x04e4 [ E6710DA0D8077F40888F57B49664546F, FED156A6279FF946014281DEF15AC1858D420F0D0FF5B45ED9FEBB2E018EE331 ] ctsfm2k C:\Windows\system32\drivers\ctsfm2k.sys
15:47:43.0678 0x04e4 ctsfm2k - ok
15:47:43.0695 0x04e4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:47:43.0722 0x04e4 DcomLaunch - ok
15:47:43.0736 0x04e4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
15:47:43.0766 0x04e4 defragsvc - ok
15:47:43.0804 0x04e4 [ BEC95854461667C029939ADACAC84007, E70E78BC41AF499C3D9FF9B83F33C6919097AF4A8075F313D336AFB258133CBC ] Desura Install Service C:\Program Files (x86)\Common Files\Desura\desura_service.exe
15:47:43.0830 0x04e4 Desura Install Service - ok
15:47:43.0844 0x04e4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:47:43.0868 0x04e4 DfsC - ok
15:47:43.0883 0x04e4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:47:43.0902 0x04e4 Dhcp - ok
15:47:43.0959 0x04e4 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
15:47:43.0996 0x04e4 DiagTrack - ok
15:47:44.0002 0x04e4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:47:44.0022 0x04e4 discache - ok
15:47:44.0035 0x04e4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
15:47:44.0043 0x04e4 Disk - ok
15:47:44.0057 0x04e4 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:47:44.0072 0x04e4 dmvsc - ok
15:47:44.0086 0x04e4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:47:44.0111 0x04e4 Dnscache - ok
15:47:44.0129 0x04e4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:47:44.0155 0x04e4 dot3svc - ok
15:47:44.0164 0x04e4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:47:44.0185 0x04e4 DPS - ok
15:47:44.0201 0x04e4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:47:44.0213 0x04e4 drmkaud - ok
15:47:44.0246 0x04e4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:47:44.0265 0x04e4 DXGKrnl - ok
15:47:44.0284 0x04e4 [ 1BEF2C2E229452EC49FFE5A27283341D, 7010273570BD38E578FCF1DD2EB00C21E8FA3504CE2342AEE3755F6EFC4581E9 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
15:47:44.0296 0x04e4 e1cexpress - ok
15:47:44.0308 0x04e4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:47:44.0329 0x04e4 EapHost - ok
15:47:44.0340 0x04e4 EasyAntiCheat - ok
15:47:44.0398 0x04e4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:47:44.0474 0x04e4 ebdrv - ok
15:47:44.0519 0x04e4 [ DB817375F4D6D3F2556DE7777775D885, 6DC5CC936E26CBB468ACDD008F6F8B30F8D9D1EC631BCDDF7E692814C9A54D7D ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
15:47:44.0532 0x04e4 eeCtrl - ok
15:47:44.0554 0x04e4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
15:47:44.0569 0x04e4 EFS - ok
15:47:44.0605 0x04e4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:47:44.0632 0x04e4 ehRecvr - ok
15:47:44.0636 0x04e4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:47:44.0645 0x04e4 ehSched - ok
15:47:44.0660 0x04e4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:47:44.0675 0x04e4 elxstor - ok
15:47:44.0677 0x04e4 emupia - ok
15:47:44.0704 0x04e4 [ A47F76D4AAFD6193AAC5E049C560213D, 2B6E4EB31394C4D8D2444A197FFCC3C702BC17B0F7BDF0D6FF87DF5C14016FC1 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
15:47:44.0713 0x04e4 EraserUtilRebootDrv - ok
15:47:44.0718 0x04e4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:47:44.0726 0x04e4 ErrDev - ok
15:47:44.0743 0x04e4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:47:44.0768 0x04e4 EventSystem - ok
15:47:44.0780 0x04e4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:47:44.0802 0x04e4 exfat - ok
15:47:44.0811 0x04e4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:47:44.0833 0x04e4 fastfat - ok
15:47:44.0856 0x04e4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:47:44.0881 0x04e4 Fax - ok
15:47:44.0893 0x04e4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
15:47:44.0907 0x04e4 fdc - ok
15:47:44.0920 0x04e4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:47:44.0945 0x04e4 fdPHost - ok
15:47:44.0947 0x04e4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:47:44.0966 0x04e4 FDResPub - ok
15:47:44.0972 0x04e4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:47:44.0980 0x04e4 FileInfo - ok
15:47:44.0987 0x04e4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:47:45.0013 0x04e4 Filetrace - ok
15:47:45.0022 0x04e4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:47:45.0030 0x04e4 flpydisk - ok
15:47:45.0038 0x04e4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:47:45.0049 0x04e4 FltMgr - ok
15:47:45.0100 0x04e4 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
15:47:45.0143 0x04e4 FontCache - ok
15:47:45.0166 0x04e4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:47:45.0173 0x04e4 FontCache3.0.0.0 - ok
15:47:45.0179 0x04e4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:47:45.0186 0x04e4 FsDepends - ok
15:47:45.0192 0x04e4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:47:45.0199 0x04e4 Fs_Rec - ok
15:47:45.0219 0x04e4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:47:45.0230 0x04e4 fvevol - ok
15:47:45.0260 0x04e4 [ 15585492E45E2F30768B2D5B57929D99, C5E6A943C78AAFE10FD9C913324083DD4B3D2F1D998A38C8B69FDEAF22246527 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys
15:47:45.0285 0x04e4 fwlanusbn - ok
15:47:45.0299 0x04e4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:47:45.0306 0x04e4 gagp30kx - ok
15:47:45.0328 0x04e4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:47:45.0333 0x04e4 GEARAspiWDM - ok
15:47:45.0425 0x04e4 [ EBF714703106C1D5BC3E7B4C389A5828, D09472BCF71B58CF8F463131AD778F4D2E189047EE6B9AF088BCDE7B25398682 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
15:47:45.0458 0x04e4 GfExperienceService - ok
15:47:45.0479 0x04e4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
15:47:45.0509 0x04e4 gpsvc - ok
15:47:45.0512 0x04e4 ha20x22k - ok
15:47:45.0513 0x04e4 ha20x2k - ok
15:47:45.0535 0x04e4 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
15:47:45.0541 0x04e4 hamachi - ok
15:47:45.0605 0x04e4 [ 8ED7438466D005B0BFEBB9C4FB1738BC, A61AED801C9EF015FBA0E3E09D1F99E92B9871FEA66A5514FEB11FD1DE62F70F ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:47:45.0658 0x04e4 Hamachi2Svc - ok
15:47:45.0669 0x04e4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:47:45.0687 0x04e4 hcw85cir - ok
15:47:45.0713 0x04e4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:47:45.0727 0x04e4 HdAudAddService - ok
15:47:45.0740 0x04e4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:47:45.0752 0x04e4 HDAudBus - ok
15:47:45.0755 0x04e4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:47:45.0762 0x04e4 HidBatt - ok
15:47:45.0773 0x04e4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:47:45.0787 0x04e4 HidBth - ok
15:47:45.0800 0x04e4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
15:47:45.0817 0x04e4 HidIr - ok
15:47:45.0821 0x04e4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
15:47:45.0840 0x04e4 hidserv - ok
15:47:45.0854 0x04e4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:47:45.0864 0x04e4 HidUsb - ok
15:47:45.0870 0x04e4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:47:45.0890 0x04e4 hkmsvc - ok
15:47:45.0900 0x04e4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:47:45.0916 0x04e4 HomeGroupListener - ok
15:47:45.0925 0x04e4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:47:45.0940 0x04e4 HomeGroupProvider - ok
15:47:45.0953 0x04e4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:47:45.0960 0x04e4 HpSAMD - ok
15:47:45.0994 0x04e4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:47:46.0022 0x04e4 HTTP - ok
15:47:46.0032 0x04e4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:47:46.0038 0x04e4 hwpolicy - ok
15:47:46.0044 0x04e4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:47:46.0053 0x04e4 i8042prt - ok
15:47:46.0071 0x04e4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:47:46.0083 0x04e4 iaStorV - ok
15:47:46.0113 0x04e4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:47:46.0137 0x04e4 idsvc - ok
15:47:46.0211 0x04e4 [ 3448DB2B812AA873ED6E5D609B1DB067, E0F9B35FE59713C09BD838FAD5305DF5FDF24DF1D88F8849F7F88466CF93A7F7 ] IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20151218.001\IDSvia64.sys
15:47:46.0227 0x04e4 IDSVia64 - ok
15:47:46.0240 0x04e4 IEEtwCollectorService - ok
15:47:46.0247 0x04e4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:47:46.0254 0x04e4 iirsp - ok
15:47:46.0279 0x04e4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:47:46.0311 0x04e4 IKEEXT - ok
15:47:46.0392 0x04e4 [ 8CAA2A543155675D09B0D5239E31EC99, 033CF96E110136A59E01C4D26FE3681862C0993938959059A37A34DC1C0E1D49 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:47:46.0446 0x04e4 IntcAzAudAddService - ok
15:47:46.0492 0x04e4 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:47:46.0507 0x04e4 Intel(R) Capability Licensing Service Interface - ok
15:47:46.0518 0x04e4 [ 42CEE1BA152FA267AE8587B4DE3B7B28, A16989C875F1794E2AB82B24AF63F7E0BFA0CBDDCBB527C73A6B4F6CA574E014 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
15:47:46.0527 0x04e4 Intel(R) PROSet Monitoring Service - ok
15:47:46.0541 0x04e4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:47:46.0548 0x04e4 intelide - ok
15:47:46.0553 0x04e4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:47:46.0564 0x04e4 intelppm - ok
15:47:46.0582 0x04e4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:47:46.0603 0x04e4 IPBusEnum - ok
15:47:46.0606 0x04e4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:47:46.0632 0x04e4 IpFilterDriver - ok
15:47:46.0650 0x04e4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:47:46.0666 0x04e4 iphlpsvc - ok
15:47:46.0673 0x04e4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:47:46.0682 0x04e4 IPMIDRV - ok
15:47:46.0691 0x04e4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:47:46.0711 0x04e4 IPNAT - ok
15:47:46.0743 0x04e4 [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:47:46.0758 0x04e4 iPod Service - ok
15:47:46.0768 0x04e4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:47:46.0780 0x04e4 IRENUM - ok
15:47:46.0783 0x04e4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:47:46.0790 0x04e4 isapnp - ok
15:47:46.0814 0x04e4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:47:46.0824 0x04e4 iScsiPrt - ok
15:47:46.0838 0x04e4 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:47:46.0844 0x04e4 iusb3hcs - ok
15:47:46.0853 0x04e4 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
15:47:46.0863 0x04e4 iusb3hub - ok
15:47:46.0881 0x04e4 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:47:46.0897 0x04e4 iusb3xhc - ok
15:47:46.0924 0x04e4 [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:47:46.0932 0x04e4 jhi_service - ok
15:47:46.0942 0x04e4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:47:46.0949 0x04e4 kbdclass - ok
15:47:46.0951 0x04e4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:47:46.0959 0x04e4 kbdhid - ok
15:47:46.0966 0x04e4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
15:47:46.0973 0x04e4 KeyIso - ok
15:47:46.0994 0x04e4 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:47:47.0002 0x04e4 KSecDD - ok
15:47:47.0024 0x04e4 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:47:47.0033 0x04e4 KSecPkg - ok
15:47:47.0068 0x04e4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:47:47.0087 0x04e4 ksthunk - ok
15:47:47.0107 0x04e4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:47:47.0137 0x04e4 KtmRm - ok
15:47:47.0153 0x04e4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:47:47.0181 0x04e4 LanmanServer - ok
15:47:47.0193 0x04e4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:47:47.0214 0x04e4 LanmanWorkstation - ok
15:47:47.0231 0x04e4 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
15:47:47.0237 0x04e4 LGBusEnum - ok
15:47:47.0264 0x04e4 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
15:47:47.0270 0x04e4 LGSHidFilt - ok
15:47:47.0285 0x04e4 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
15:47:47.0291 0x04e4 LGVirHid - ok
15:47:47.0321 0x04e4 [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
15:47:47.0328 0x04e4 lirsgt - ok
15:47:47.0342 0x04e4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:47:47.0366 0x04e4 lltdio - ok
15:47:47.0380 0x04e4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:47:47.0411 0x04e4 lltdsvc - ok
15:47:47.0423 0x04e4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:47:47.0443 0x04e4 lmhosts - ok
15:47:47.0456 0x04e4 [ 659486446A7475FAB4C05C1190E6767B, 51699F7DFE030698FBC595804666E3552FE0A41B090F4D3E762174F2618A70CE ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
15:47:47.0467 0x04e4 LMIGuardianSvc - ok
15:47:47.0480 0x04e4 [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:47:47.0489 0x04e4 LMS - ok
15:47:47.0495 0x04e4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:47:47.0503 0x04e4 LSI_FC - ok
15:47:47.0520 0x04e4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:47:47.0528 0x04e4 LSI_SAS - ok
15:47:47.0536 0x04e4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:47:47.0543 0x04e4 LSI_SAS2 - ok
15:47:47.0551 0x04e4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:47:47.0559 0x04e4 LSI_SCSI - ok
15:47:47.0563 0x04e4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:47:47.0584 0x04e4 luafv - ok
15:47:47.0601 0x04e4 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:47:47.0608 0x04e4 MBAMProtector - ok
15:47:47.0643 0x04e4 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:47:47.0676 0x04e4 MBAMService - ok
15:47:47.0684 0x04e4 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:47:47.0690 0x04e4 MBAMWebAccessControl - ok
15:47:47.0705 0x04e4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:47:47.0715 0x04e4 Mcx2Svc - ok
15:47:47.0719 0x04e4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
15:47:47.0726 0x04e4 megasas - ok
15:47:47.0738 0x04e4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:47:47.0748 0x04e4 MegaSR - ok
15:47:47.0764 0x04e4 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:47:47.0770 0x04e4 MEIx64 - ok
15:47:47.0781 0x04e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:47:47.0802 0x04e4 MMCSS - ok
15:47:47.0804 0x04e4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:47:47.0824 0x04e4 Modem - ok
15:47:47.0826 0x04e4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:47:47.0835 0x04e4 monitor - ok
15:47:47.0848 0x04e4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:47:47.0855 0x04e4 mouclass - ok
15:47:47.0859 0x04e4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:47:47.0871 0x04e4 mouhid - ok
15:47:47.0891 0x04e4 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:47:47.0900 0x04e4 mountmgr - ok
15:47:47.0923 0x04e4 [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:47:47.0931 0x04e4 MozillaMaintenance - ok
15:47:47.0935 0x04e4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:47:47.0944 0x04e4 mpio - ok
15:47:47.0950 0x04e4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:47:47.0969 0x04e4 mpsdrv - ok
15:47:47.0991 0x04e4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:47:48.0027 0x04e4 MpsSvc - ok
15:47:48.0044 0x04e4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:47:48.0059 0x04e4 MRxDAV - ok
15:47:48.0079 0x04e4 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:47:48.0099 0x04e4 mrxsmb - ok
15:47:48.0125 0x04e4 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:47:48.0137 0x04e4 mrxsmb10 - ok
15:47:48.0154 0x04e4 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:47:48.0164 0x04e4 mrxsmb20 - ok
15:47:48.0178 0x04e4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:47:48.0184 0x04e4 msahci - ok
15:47:48.0189 0x04e4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:47:48.0197 0x04e4 msdsm - ok
15:47:48.0204 0x04e4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:47:48.0218 0x04e4 MSDTC - ok
15:47:48.0229 0x04e4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:47:48.0253 0x04e4 Msfs - ok
15:47:48.0268 0x04e4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:47:48.0287 0x04e4 mshidkmdf - ok
15:47:48.0295 0x04e4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:47:48.0301 0x04e4 msisadrv - ok
15:47:48.0316 0x04e4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:47:48.0338 0x04e4 MSiSCSI - ok
15:47:48.0340 0x04e4 msiserver - ok
15:47:48.0354 0x04e4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:47:48.0374 0x04e4 MSKSSRV - ok
15:47:48.0381 0x04e4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:47:48.0407 0x04e4 MSPCLOCK - ok
15:47:48.0409 0x04e4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:47:48.0427 0x04e4 MSPQM - ok
15:47:48.0434 0x04e4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:47:48.0446 0x04e4 MsRPC - ok
15:47:48.0455 0x04e4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:47:48.0462 0x04e4 mssmbios - ok
15:47:48.0466 0x04e4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:47:48.0490 0x04e4 MSTEE - ok
15:47:48.0492 0x04e4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:47:48.0506 0x04e4 MTConfig - ok
15:47:48.0515 0x04e4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:47:48.0522 0x04e4 Mup - ok
15:47:48.0610 0x04e4 [ F5060B229D5997980C5CB28E6EDFF314, 5FB56E9E83D0966E6438748529921F9B6EDBA3A580C498403B9FD4D8857D7FD6 ] N360 C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe
15:47:48.0620 0x04e4 N360 - ok
15:47:48.0639 0x04e4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:47:48.0665 0x04e4 napagent - ok
15:47:48.0684 0x04e4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:47:48.0699 0x04e4 NativeWifiP - ok
15:47:48.0752 0x04e4 [ FE7B38240E86075E6BC5953496B5C2F1, 13CBDCFD5E63A49D6E66D9EBA701037F014EEED9BBFE8588CE2968A35FF2E16E ] NAVENG C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151220.001\ENG64.SYS
15:47:48.0760 0x04e4 NAVENG - ok
15:47:48.0812 0x04e4 [ C002FA84570CA35F704ACF0AC4A5EAB0, E4246631E5D7AFD31CE642157A9102CB0DDE5B5051D08C3A5EA736CB3C99C6D9 ] NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151220.001\EX64.SYS
15:47:48.0847 0x04e4 NAVEX15 - ok
15:47:48.0888 0x04e4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:47:48.0915 0x04e4 NDIS - ok
15:47:48.0924 0x04e4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:47:48.0943 0x04e4 NdisCap - ok
15:47:48.0959 0x04e4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:47:48.0978 0x04e4 NdisTapi - ok
15:47:48.0986 0x04e4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:47:49.0005 0x04e4 Ndisuio - ok
15:47:49.0012 0x04e4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:47:49.0040 0x04e4 NdisWan - ok
15:47:49.0051 0x04e4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:47:49.0071 0x04e4 NDProxy - ok
15:47:49.0075 0x04e4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:47:49.0094 0x04e4 NetBIOS - ok
15:47:49.0107 0x04e4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:47:49.0129 0x04e4 NetBT - ok
15:47:49.0139 0x04e4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
15:47:49.0146 0x04e4 Netlogon - ok
15:47:49.0162 0x04e4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:47:49.0192 0x04e4 Netman - ok
15:47:49.0226 0x04e4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:47:49.0236 0x04e4 NetMsmqActivator - ok
15:47:49.0245 0x04e4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:47:49.0254 0x04e4 NetPipeActivator - ok
15:47:49.0269 0x04e4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:47:49.0296 0x04e4 netprofm - ok
15:47:49.0305 0x04e4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:47:49.0314 0x04e4 NetTcpActivator - ok
15:47:49.0318 0x04e4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:47:49.0326 0x04e4 NetTcpPortSharing - ok
15:47:49.0336 0x04e4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:47:49.0343 0x04e4 nfrd960 - ok
15:47:49.0364 0x04e4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:47:49.0386 0x04e4 NlaSvc - ok
15:47:49.0388 0x04e4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:47:49.0408 0x04e4 Npfs - ok
15:47:49.0414 0x04e4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:47:49.0434 0x04e4 nsi - ok
15:47:49.0436 0x04e4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:47:49.0459 0x04e4 nsiproxy - ok
15:47:49.0506 0x04e4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:47:49.0553 0x04e4 Ntfs - ok
15:47:49.0556 0x04e4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
15:47:49.0582 0x04e4 Null - ok
15:47:49.0586 0x04e4 NVHDA - ok
15:47:49.0767 0x04e4 [ 7C28BA74B766F3470128107DA764F711, 43738B3B7F7A493D2B0102B889612A1E91545F38BA82CD911D63361F08048314 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:47:49.0909 0x04e4 nvlddmkm - ok
15:47:49.0986 0x04e4 [ F758A5752CA282925CE3324FDBBADBED, E9DE21AE4509BC401FE7BD717E1585BDEAF2E016A4DC8BB829DD43F54101923F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:47:50.0033 0x04e4 NvNetworkService - ok
15:47:50.0048 0x04e4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:47:50.0057 0x04e4 nvraid - ok
15:47:50.0065 0x04e4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:47:50.0074 0x04e4 nvstor - ok
15:47:50.0121 0x04e4 [ 0772513BF441995A61A6C6F87BE12174, 308203FACAAFC87AA18765F0F358ADF5F99D0CAA9ADE51C14C43416FAB68FA18 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:47:50.0127 0x04e4 NvStreamKms - ok
15:47:50.0132 0x04e4 NvStreamSvc - ok
15:47:50.0162 0x04e4 [ 2A4F832243E869FD7564AA90402D74BD, E730A517EB6D49036B6FC196BFC930ED93EDB4FD4FA7EB1EB69A434BB94AE3C0 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:47:50.0189 0x04e4 nvsvc - ok
15:47:50.0196 0x04e4 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
15:47:50.0202 0x04e4 nvvad_WaveExtensible - ok
15:47:50.0208 0x04e4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:47:50.0216 0x04e4 nv_agp - ok
15:47:50.0224 0x04e4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:47:50.0232 0x04e4 ohci1394 - ok
15:47:50.0316 0x04e4 [ 28DDD258E19923891AC9B1A95E3D0F44, F7FD0EEBEDCBE8C2AE0C6B191B047F88F9D9BD375B78CCA252A4C2E52D9622C1 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:47:50.0370 0x04e4 Origin Client Service - ok
15:47:50.0402 0x04e4 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:47:50.0411 0x04e4 ose - ok
15:47:50.0516 0x04e4 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:47:50.0621 0x04e4 osppsvc - ok
15:47:50.0646 0x04e4 [ 7A07F911655BA3723EB98F3DDFA56E4B, 83180ECE3DA2EA4BDB3F8F4A482A47DA4DB11046D014288839D7753807D3D57E ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
15:47:50.0655 0x04e4 ossrv - ok
15:47:50.0673 0x04e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:47:50.0697 0x04e4 p2pimsvc - ok
15:47:50.0710 0x04e4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:47:50.0724 0x04e4 p2psvc - ok
15:47:50.0734 0x04e4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
15:47:50.0743 0x04e4 Parport - ok
15:47:50.0760 0x04e4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:47:50.0768 0x04e4 partmgr - ok
15:47:50.0788 0x04e4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:47:50.0804 0x04e4 PcaSvc - ok
15:47:50.0815 0x04e4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:47:50.0824 0x04e4 pci - ok
15:47:50.0846 0x04e4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:47:50.0853 0x04e4 pciide - ok
15:47:50.0865 0x04e4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:47:50.0874 0x04e4 pcmcia - ok
15:47:50.0879 0x04e4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:47:50.0886 0x04e4 pcw - ok
15:47:50.0910 0x04e4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:47:50.0933 0x04e4 PEAUTH - ok
15:47:50.0962 0x04e4 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:47:51.0003 0x04e4 PeerDistSvc - ok
15:47:51.0039 0x04e4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:47:51.0053 0x04e4 PerfHost - ok
15:47:51.0086 0x04e4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
15:47:51.0132 0x04e4 pla - ok
15:47:51.0157 0x04e4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:47:51.0177 0x04e4 PlugPlay - ok
15:47:51.0182 0x04e4 PnkBstrA - ok
15:47:51.0190 0x04e4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:47:51.0201 0x04e4 PNRPAutoReg - ok
15:47:51.0207 0x04e4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:47:51.0219 0x04e4 PNRPsvc - ok
15:47:51.0240 0x04e4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:47:51.0265 0x04e4 PolicyAgent - ok
15:47:51.0278 0x04e4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
15:47:51.0301 0x04e4 Power - ok
15:47:51.0318 0x04e4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:47:51.0341 0x04e4 PptpMiniport - ok
15:47:51.0350 0x04e4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
15:47:51.0366 0x04e4 Processor - ok
15:47:51.0387 0x04e4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
15:47:51.0408 0x04e4 ProfSvc - ok
15:47:51.0410 0x04e4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:47:51.0418 0x04e4 ProtectedStorage - ok
15:47:51.0428 0x04e4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:47:51.0449 0x04e4 Psched - ok
15:47:51.0478 0x04e4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:47:51.0523 0x04e4 ql2300 - ok
15:47:51.0531 0x04e4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:47:51.0539 0x04e4 ql40xx - ok
15:47:51.0549 0x04e4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
15:47:51.0563 0x04e4 QWAVE - ok
15:47:51.0568 0x04e4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:47:51.0578 0x04e4 QWAVEdrv - ok
15:47:51.0583 0x04e4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:47:51.0602 0x04e4 RasAcd - ok
15:47:51.0614 0x04e4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:47:51.0640 0x04e4 RasAgileVpn - ok
15:47:51.0647 0x04e4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
15:47:51.0667 0x04e4 RasAuto - ok
15:47:51.0674 0x04e4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:47:51.0695 0x04e4 Rasl2tp - ok
15:47:51.0708 0x04e4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
15:47:51.0731 0x04e4 RasMan - ok
15:47:51.0735 0x04e4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:47:51.0756 0x04e4 RasPppoe - ok
15:47:51.0758 0x04e4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:47:51.0778 0x04e4 RasSstp - ok
15:47:51.0791 0x04e4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:47:51.0814 0x04e4 rdbss - ok
15:47:51.0819 0x04e4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:47:51.0828 0x04e4 rdpbus - ok
15:47:51.0841 0x04e4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:47:51.0860 0x04e4 RDPCDD - ok
15:47:51.0875 0x04e4 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:47:51.0887 0x04e4 RDPDR - ok
15:47:51.0892 0x04e4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:47:51.0911 0x04e4 RDPENCDD - ok
15:47:51.0914 0x04e4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:47:51.0933 0x04e4 RDPREFMP - ok
15:47:51.0953 0x04e4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:47:51.0966 0x04e4 RDPWD - ok
15:47:51.0983 0x04e4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:47:51.0993 0x04e4 rdyboost - ok
15:47:52.0009 0x04e4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:47:52.0029 0x04e4 RemoteAccess - ok
15:47:52.0038 0x04e4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:47:52.0098 0x04e4 RemoteRegistry - ok
15:47:52.0106 0x04e4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:47:52.0134 0x04e4 RpcEptMapper - ok
15:47:52.0142 0x04e4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
15:47:52.0150 0x04e4 RpcLocator - ok
15:47:52.0162 0x04e4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
15:47:52.0188 0x04e4 RpcSs - ok
15:47:52.0197 0x04e4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:47:52.0217 0x04e4 rspndr - ok
15:47:52.0219 0x04e4 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:47:52.0226 0x04e4 s3cap - ok
15:47:52.0235 0x04e4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
15:47:52.0242 0x04e4 SamSs - ok
15:47:52.0252 0x04e4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:47:52.0260 0x04e4 sbp2port - ok
15:47:52.0266 0x04e4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:47:52.0288 0x04e4 SCardSvr - ok
15:47:52.0293 0x04e4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:47:52.0316 0x04e4 scfilter - ok
15:47:52.0355 0x04e4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
15:47:52.0400 0x04e4 Schedule - ok
15:47:52.0416 0x04e4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:47:52.0436 0x04e4 SCPolicySvc - ok
15:47:52.0450 0x04e4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:47:52.0465 0x04e4 SDRSVC - ok
15:47:52.0472 0x04e4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:47:52.0494 0x04e4 secdrv - ok
15:47:52.0499 0x04e4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
15:47:52.0519 0x04e4 seclogon - ok
15:47:52.0525 0x04e4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
15:47:52.0553 0x04e4 SENS - ok
15:47:52.0556 0x04e4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:47:52.0565 0x04e4 SensrSvc - ok
15:47:52.0579 0x04e4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
15:47:52.0586 0x04e4 Serenum - ok
15:47:52.0595 0x04e4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
15:47:52.0603 0x04e4 Serial - ok
15:47:52.0605 0x04e4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:47:52.0613 0x04e4 sermouse - ok
15:47:52.0624 0x04e4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
15:47:52.0650 0x04e4 SessionEnv - ok
15:47:52.0654 0x04e4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:47:52.0662 0x04e4 sffdisk - ok
15:47:52.0665 0x04e4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:47:52.0673 0x04e4 sffp_mmc - ok
15:47:52.0675 0x04e4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:47:52.0684 0x04e4 sffp_sd - ok
15:47:52.0690 0x04e4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:47:52.0698 0x04e4 sfloppy - ok
15:47:52.0712 0x04e4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:47:52.0737 0x04e4 SharedAccess - ok
15:47:52.0750 0x04e4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:47:52.0774 0x04e4 ShellHWDetection - ok
15:47:52.0788 0x04e4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:47:52.0795 0x04e4 SiSRaid2 - ok
15:47:52.0804 0x04e4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:47:52.0811 0x04e4 SiSRaid4 - ok
15:47:52.0815 0x04e4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:47:52.0835 0x04e4 Smb - ok
15:47:52.0841 0x04e4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:47:52.0854 0x04e4 SNMPTRAP - ok
15:47:52.0859 0x04e4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
15:47:52.0865 0x04e4 spldr - ok
15:47:52.0888 0x04e4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
15:47:52.0908 0x04e4 Spooler - ok
15:47:52.0971 0x04e4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
15:47:53.0065 0x04e4 sppsvc - ok
15:47:53.0076 0x04e4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:47:53.0097 0x04e4 sppuinotify - ok
15:47:53.0158 0x04e4 [ AB3558A087FA03861162F8DE9B681AE8, ACEBE679C31BD9238D1836C38F2433C47FF1C7E8B4F8248404F5D14DE5014A37 ] SRTSP C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS
15:47:53.0177 0x04e4 SRTSP - ok
15:47:53.0195 0x04e4 [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS
15:47:53.0202 0x04e4 SRTSPX - ok
15:47:53.0218 0x04e4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:47:53.0237 0x04e4 srv - ok
15:47:53.0250 0x04e4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:47:53.0267 0x04e4 srv2 - ok
15:47:53.0275 0x04e4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:47:53.0290 0x04e4 srvnet - ok
15:47:53.0306 0x04e4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:47:53.0329 0x04e4 SSDPSRV - ok
15:47:53.0338 0x04e4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:47:53.0359 0x04e4 SstpSvc - ok
15:47:53.0400 0x04e4 [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:47:53.0422 0x04e4 Steam Client Service - ok
15:47:53.0438 0x04e4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:47:53.0445 0x04e4 stexstor - ok
15:47:53.0464 0x04e4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
15:47:53.0486 0x04e4 stisvc - ok
15:47:53.0498 0x04e4 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:47:53.0505 0x04e4 storflt - ok
15:47:53.0513 0x04e4 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
15:47:53.0521 0x04e4 StorSvc - ok
15:47:53.0525 0x04e4 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:47:53.0532 0x04e4 storvsc - ok
15:47:53.0537 0x04e4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:47:53.0543 0x04e4 swenum - ok
15:47:53.0563 0x04e4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
15:47:53.0591 0x04e4 swprv - ok
15:47:53.0626 0x04e4 [ 6F227CF9E64364578E2DABD1EF6E51A4, D5223B441A319D4C57FDBEA9BFBB8E5C95CA6F7B6AE6F4029BCE84A5CCE51B33 ] SymEFASI C:\Windows\system32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS
15:47:53.0666 0x04e4 SymEFASI - ok
15:47:53.0686 0x04e4 [ 6DF8F618B93C821630C9BAA8DA3FAAAF, 553972D63F3347291EC8370AB910F741EF1DA61BC74FBA4192EF6E1DF567FB99 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
15:47:53.0694 0x04e4 SymEvent - ok
15:47:53.0713 0x04e4 [ 0891E59A27208B9B727BAB863B853E80, 7BBDD53CB7AB003DF803D6D596A2B5216425DCC7FA8D3F311AE5BD4EC19FBB0A ] SymIRON C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS
15:47:53.0723 0x04e4 SymIRON - ok
15:47:53.0742 0x04e4 [ 751C968945EFD42469FE52D6CE384196, 3386681036909F60A249951009822190EFB1C390D2F46E7EFE44893F28D0F31C ] SymNetS C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS
15:47:53.0756 0x04e4 SymNetS - ok
15:47:53.0801 0x04e4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
15:47:53.0860 0x04e4 SysMain - ok
15:47:53.0866 0x04e4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:47:53.0877 0x04e4 TabletInputService - ok
15:47:53.0900 0x04e4 [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
15:47:53.0909 0x04e4 tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
15:47:55.0139 0x1bc0 Object required for P2P: [ F5060B229D5997980C5CB28E6EDFF314 ] N360
15:47:56.0228 0x04e4 Detect skipped due to KSN trusted
15:47:56.0228 0x04e4 tap0901t - ok
15:47:56.0243 0x04e4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
15:47:56.0268 0x04e4 TapiSrv - ok
15:47:56.0274 0x04e4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
15:47:56.0295 0x04e4 TBS - ok
15:47:56.0340 0x04e4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:47:56.0387 0x04e4 Tcpip - ok
15:47:56.0425 0x04e4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:47:56.0456 0x04e4 TCPIP6 - ok
15:47:56.0472 0x04e4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:47:56.0488 0x04e4 tcpipreg - ok
15:47:56.0495 0x04e4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:47:56.0507 0x04e4 TDPIPE - ok
15:47:56.0513 0x04e4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:47:56.0520 0x04e4 TDTCP - ok
15:47:56.0541 0x04e4 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:47:56.0550 0x04e4 tdx - ok
15:47:56.0565 0x04e4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:47:56.0572 0x04e4 TermDD - ok
15:47:56.0602 0x04e4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
15:47:56.0624 0x04e4 TermService - ok
15:47:56.0629 0x04e4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
15:47:56.0640 0x04e4 Themes - ok
15:47:56.0650 0x04e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
15:47:56.0669 0x04e4 THREADORDER - ok
15:47:56.0678 0x04e4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
15:47:56.0707 0x04e4 TrkWks - ok
15:47:56.0736 0x04e4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:47:56.0758 0x04e4 TrustedInstaller - ok
15:47:56.0777 0x04e4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:47:56.0784 0x04e4 tssecsrv - ok
15:47:56.0794 0x04e4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:47:56.0808 0x04e4 TsUsbFlt - ok
15:47:56.0817 0x04e4 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:47:56.0824 0x04e4 TsUsbGD - ok
15:47:56.0832 0x04e4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:47:56.0852 0x04e4 tunnel - ok
15:47:56.0896 0x04e4 [ 9CD4CDD55376852FB8F3B208990C9A15, 4BA2B9046911F6890AB255734CBFC5AC6D5D7CA23A52402643B0FCE3F7610020 ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
15:47:56.0918 0x04e4 TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
15:47:57.0579 0x1bc0 Object send P2P result: true
15:47:59.0237 0x04e4 Detect skipped due to KSN trusted
15:47:59.0237 0x04e4 TunngleService - ok
15:47:59.0249 0x04e4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:47:59.0256 0x04e4 uagp35 - ok
15:47:59.0265 0x04e4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:47:59.0289 0x04e4 udfs - ok
15:47:59.0303 0x04e4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:47:59.0312 0x04e4 UI0Detect - ok
15:47:59.0317 0x04e4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:47:59.0324 0x04e4 uliagpkx - ok
15:47:59.0326 0x04e4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:47:59.0334 0x04e4 umbus - ok
15:47:59.0336 0x04e4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
15:47:59.0343 0x04e4 UmPass - ok
15:47:59.0360 0x04e4 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
15:47:59.0371 0x04e4 UmRdpService - ok
15:47:59.0421 0x04e4 [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:47:59.0432 0x04e4 UNS - ok
15:47:59.0444 0x04e4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
15:47:59.0470 0x04e4 upnphost - ok
15:47:59.0493 0x04e4 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:47:59.0507 0x04e4 USBAAPL64 - ok
15:47:59.0527 0x04e4 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:47:59.0550 0x04e4 usbaudio - ok
15:47:59.0564 0x04e4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:47:59.0574 0x04e4 usbccgp - ok
15:47:59.0592 0x04e4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:47:59.0603 0x04e4 usbcir - ok
15:47:59.0607 0x04e4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:47:59.0615 0x04e4 usbehci - ok
15:47:59.0633 0x04e4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:47:59.0645 0x04e4 usbhub - ok
15:47:59.0659 0x04e4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:47:59.0666 0x04e4 usbohci - ok
15:47:59.0671 0x04e4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:47:59.0680 0x04e4 usbprint - ok
15:47:59.0700 0x04e4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:47:59.0708 0x04e4 usbscan - ok
15:47:59.0715 0x04e4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:47:59.0732 0x04e4 USBSTOR - ok
15:47:59.0754 0x04e4 [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP C:\Windows\system32\DRIVERS\tinspusb.sys
15:47:59.0771 0x04e4 USBTINSP - ok
15:47:59.0780 0x04e4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:47:59.0788 0x04e4 usbuhci - ok
15:47:59.0796 0x04e4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
15:47:59.0822 0x04e4 UxSms - ok
15:47:59.0830 0x04e4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe
15:47:59.0838 0x04e4 VaultSvc - ok
15:47:59.0842 0x04e4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:47:59.0849 0x04e4 vdrvroot - ok
15:47:59.0866 0x04e4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
15:47:59.0893 0x04e4 vds - ok
15:47:59.0902 0x04e4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:47:59.0912 0x04e4 vga - ok
15:47:59.0914 0x04e4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:47:59.0933 0x04e4 VgaSave - ok
15:47:59.0943 0x04e4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:47:59.0952 0x04e4 vhdmp - ok
15:47:59.0955 0x04e4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
15:47:59.0961 0x04e4 viaide - ok
15:47:59.0977 0x04e4 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:47:59.0986 0x04e4 vmbus - ok
15:47:59.0994 0x04e4 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:48:00.0001 0x04e4 VMBusHID - ok
15:48:00.0011 0x04e4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:48:00.0018 0x04e4 volmgr - ok
15:48:00.0027 0x04e4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:48:00.0039 0x04e4 volmgrx - ok
15:48:00.0050 0x04e4 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:48:00.0062 0x04e4 volsnap - ok
15:48:00.0070 0x04e4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:48:00.0078 0x04e4 vsmraid - ok
15:48:00.0112 0x04e4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
15:48:00.0170 0x04e4 VSS - ok
15:48:00.0179 0x04e4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:48:00.0188 0x04e4 vwifibus - ok
15:48:00.0200 0x04e4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
15:48:00.0225 0x04e4 W32Time - ok
15:48:00.0229 0x04e4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:48:00.0236 0x04e4 WacomPen - ok
15:48:00.0242 0x04e4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:48:00.0263 0x04e4 WANARP - ok
15:48:00.0266 0x04e4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:48:00.0285 0x04e4 Wanarpv6 - ok
15:48:00.0317 0x04e4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
15:48:00.0367 0x04e4 wbengine - ok
15:48:00.0382 0x04e4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:48:00.0403 0x04e4 WbioSrvc - ok
15:48:00.0415 0x04e4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:48:00.0431 0x04e4 wcncsvc - ok
15:48:00.0438 0x04e4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:48:00.0458 0x04e4 WcsPlugInService - ok
15:48:00.0466 0x04e4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
15:48:00.0473 0x04e4 Wd - ok
15:48:00.0502 0x04e4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:48:00.0520 0x04e4 Wdf01000 - ok
15:48:00.0528 0x04e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:48:00.0557 0x04e4 WdiServiceHost - ok
15:48:00.0560 0x04e4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:48:00.0572 0x04e4 WdiSystemHost - ok
15:48:00.0594 0x04e4 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
15:48:00.0609 0x04e4 WebClient - ok
15:48:00.0618 0x04e4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:48:00.0641 0x04e4 Wecsvc - ok
15:48:00.0647 0x04e4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:48:00.0667 0x04e4 wercplsupport - ok
15:48:00.0675 0x04e4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:48:00.0696 0x04e4 WerSvc - ok
15:48:00.0699 0x04e4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:48:00.0718 0x04e4 WfpLwf - ok
15:48:00.0720 0x04e4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:48:00.0726 0x04e4 WIMMount - ok
15:48:00.0740 0x04e4 WinDefend - ok
15:48:00.0749 0x04e4 WinHttpAutoProxySvc - ok
15:48:00.0768 0x04e4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:48:00.0796 0x04e4 Winmgmt - ok
15:48:00.0843 0x04e4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
15:48:00.0899 0x04e4 WinRM - ok
15:48:00.0930 0x04e4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:48:00.0958 0x04e4 Wlansvc - ok
15:48:00.0963 0x04e4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:48:00.0971 0x04e4 WmiAcpi - ok
15:48:00.0978 0x04e4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:48:00.0988 0x04e4 wmiApSrv - ok
15:48:00.0990 0x04e4 WMPNetworkSvc - ok
15:48:01.0004 0x04e4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:48:01.0022 0x04e4 WPCSvc - ok
15:48:01.0032 0x04e4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:48:01.0042 0x04e4 WPDBusEnum - ok
15:48:01.0046 0x04e4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:48:01.0065 0x04e4 ws2ifsl - ok
15:48:01.0071 0x04e4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
15:48:01.0083 0x04e4 wscsvc - ok
15:48:01.0085 0x04e4 WSearch - ok
15:48:01.0144 0x04e4 [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C:\Windows\system32\wuaueng.dll
15:48:01.0216 0x04e4 wuauserv - ok
15:48:01.0231 0x04e4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:48:01.0249 0x04e4 WudfPf - ok
15:48:01.0262 0x04e4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:48:01.0272 0x04e4 WUDFRd - ok
15:48:01.0285 0x04e4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:48:01.0294 0x04e4 wudfsvc - ok
15:48:01.0321 0x04e4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
15:48:01.0342 0x04e4 WwanSvc - ok
15:48:01.0372 0x04e4 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
15:48:01.0389 0x04e4 xusb21 - ok
15:48:01.0398 0x04e4 ================ Scan global ===============================
15:48:01.0414 0x04e4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:48:01.0435 0x04e4 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
15:48:01.0442 0x04e4 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
15:48:01.0454 0x04e4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:48:01.0474 0x04e4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:48:01.0479 0x04e4 [ Global ] - ok
15:48:01.0479 0x04e4 ================ Scan MBR ==================================
15:48:01.0481 0x04e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:48:01.0565 0x04e4 \Device\Harddisk1\DR1 - ok
15:48:01.0572 0x04e4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:48:01.0620 0x04e4 \Device\Harddisk0\DR0 - ok
15:48:01.0620 0x04e4 ================ Scan VBR ==================================
15:48:01.0621 0x04e4 [ 4A179E39949F34311296665AFC9C3206 ] \Device\Harddisk1\DR1\Partition1
15:48:01.0669 0x04e4 \Device\Harddisk1\DR1\Partition1 - ok
15:48:01.0670 0x04e4 [ D199AB940C3CEA735145954C6D761D90 ] \Device\Harddisk0\DR0\Partition1
15:48:01.0671 0x04e4 \Device\Harddisk0\DR0\Partition1 - ok
15:48:01.0678 0x04e4 [ CD097EC5EE7FDD98455527837803BAAD ] \Device\Harddisk0\DR0\Partition2
15:48:01.0679 0x04e4 \Device\Harddisk0\DR0\Partition2 - ok
15:48:01.0686 0x04e4 [ BF5D6BA0331BDD4ABD5817AF90A1BF77 ] \Device\Harddisk0\DR0\Partition3
15:48:01.0687 0x04e4 \Device\Harddisk0\DR0\Partition3 - ok
15:48:01.0687 0x04e4 ================ Scan generic autorun ======================
15:48:01.0836 0x04e4 [ 559F228C84DD7B5E35D33154CED320B2, 7D6C77613550024825DE7B17249A8B5E822FA54DAC475A849374A89D84993F8F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
15:48:01.0979 0x04e4 RTHDVCPL - ok
15:48:01.0994 0x04e4 Nvtmru - ok
15:48:02.0007 0x04e4 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
15:48:02.0019 0x04e4 ShadowPlay - ok
15:48:02.0201 0x04e4 [ 2AA3480A3980B77338057E55CF8F5469, 508A75BBBDBD4714CC31F74607B79D48B0CF12C2CA36AFDD184B1CEDB0D842F5 ] C:\Program Files\Logitech Gaming Software\LCore.exe
15:48:02.0313 0x04e4 Launch LCore - ok
15:48:02.0373 0x04e4 [ 638644168D9B5B5093AD84C9C162B550, BDBAB13BA6D369B7F87F721518F7EBD4B14D85B80BCC1E37FA929BB77200401B ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:48:02.0433 0x04e4 NvBackend - ok
15:48:02.0469 0x04e4 [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
15:48:02.0492 0x04e4 XboxStat - ok
15:48:02.0524 0x04e4 [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
15:48:02.0534 0x04e4 USB3MON - ok
15:48:02.0582 0x04e4 [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
15:48:02.0632 0x04e4 AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
15:48:04.0984 0x04e4 Detect skipped due to KSN trusted
15:48:04.0984 0x04e4 AVMWlanClient - ok
15:48:05.0024 0x04e4 [ 7389FE13F97605BFC1C18E6073BD3BE2, 5EC5BDD2AEFBC40FB55CA9BD623DCD5A79028657E2555839D04F9859D36DF03D ] C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
15:48:05.0046 0x04e4 Sound Blaster Z-Series Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
15:48:07.0363 0x04e4 Detect skipped due to KSN trusted
15:48:07.0363 0x04e4 Sound Blaster Z-Series Control Panel - ok
15:48:07.0602 0x04e4 [ 16E07FF49F44461A847E8770506BB428, CE0B52FCA06137CA3B8F5EB537998196023B27C847CC8FA5DA8D6838BE196BA4 ] C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
15:48:07.0855 0x04e4 Corsair Utility Engine - ok
15:48:07.0896 0x04e4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:48:07.0938 0x04e4 Sidebar - ok
15:48:07.0950 0x04e4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:48:07.0962 0x04e4 mctadmin - ok
15:48:07.0980 0x04e4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:48:08.0002 0x04e4 Sidebar - ok
15:48:08.0006 0x04e4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:48:08.0017 0x04e4 mctadmin - ok
15:48:08.0018 0x04e4 Waiting for KSN requests completion. In queue: 97
15:48:09.0018 0x04e4 Waiting for KSN requests completion. In queue: 5
15:48:10.0018 0x04e4 Waiting for KSN requests completion. In queue: 5
15:48:11.0027 0x04e4 AV detected via SS2: Norton 360 Online, C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
15:48:11.0029 0x04e4 FW detected via SS2: Norton 360 Online, C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled )
15:48:13.0392 0x04e4 ============================================================
15:48:13.0392 0x04e4 Scan finished
15:48:13.0392 0x04e4 ============================================================
15:48:13.0395 0x190c Detected object count: 0
15:48:13.0396 0x190c Actual detected object count: 0
|
|
21.12.2015, 16:09
| #4 |
| /// Malwareteam | Rundumcheck Hi, wenn die 2 Scanner nichts finden, wovon ich eigentlich ausgehe, sollte alles passen. Schritt # 1: MBAM Lade dir, falls nicht schon vorhanden,  Malwarebytes Anti-Malware herunter, installiere und starte es.
Schritt # 2: ESET ESET Online Scanner
Schritt # 3: FRST Und noch ein frisches FRST-Log bitte. Schritt # 4: Bitte Posten
|
|
21.12.2015, 22:55
| #5 |
| | Rundumcheck Hi! Hat etwas gedauert, der Scan von ESET hat ein paar Stunden gebraucht. mbam hat nichts gefunden, ESET allerdings schon. Ich vermute/hoffe mal, das ist eine Falschmeldung? Die Logs sind unten. FRST hat keine neue Addition.txt erstellt, soll ich die noch nachholen? Grüße, Felix Logs: mbam: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 21.12.2015 Suchlaufzeit: 16:12 Protokolldatei: mbamlog.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.21.04 Rootkit-Datenbank: v2015.12.18.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ******* Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 352591 Abgelaufene Zeit: 10 Min., 44 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a9997302b5fad14db5582e26d2e9c53d
# end=init
# utc_time=2015-12-21 03:32:55
# local_time=2015-12-21 04:32:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27300
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a9997302b5fad14db5582e26d2e9c53d
# end=updated
# utc_time=2015-12-21 03:37:03
# local_time=2015-12-21 04:37:03 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a9997302b5fad14db5582e26d2e9c53d
# engine=27300
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-21 09:23:02
# local_time=2015-12-21 10:23:02 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=3589 16777213 100 57 180852 213329567 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 67834842 202362832 0 0
# scanned=836812
# found=1
# cleaned=0
# scan_time=20759
sh=8400A2090BA4FFC49B99BC228AFBD4CEEF383460 ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.CWLA Trojaner" ac=I fn="E:\Gamersgate\The Scourge Project\GamersGate temporary files\16841\NSISSource_1.1.65.38105.zip"
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015 durchgeführt von ******* (Administrator) auf VESSNAR (21-12-2015 22:38:05) Gestartet von C:\Users\*******\Desktop Geladene Profile: ******* (Verfügbare Profile: *******) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.17\AsusFanControlService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\n360.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (TeamSpeak Systems GmbH) C:\Program Files (x86)\TS3\ts3client_win64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor) HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [Sound Blaster Z-Series Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe [735744 2013-02-27] (Creative Technology Ltd) HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [13253952 2015-11-17] (Corsair Components, Inc.) HKU\S-1-5-21-3912806440-3427432520-2885912131-1000\...\MountPoints2: {bf7cb2ed-3f1e-11e3-8b48-74d02b25f13c} - F:\pushinst.exe HKU\S-1-5-18\...\Run: [CtxfiReg] => CTXFIREG.exe /FAIL1 ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{3526D6E8-20AC-4671-BE1C-964C54141690}: [DhcpNameServer] 10.77.0.254 Tcpip\..\Interfaces\{D2E1D197-871E-4505-99DF-337FE653F2F4}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-15] (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => Keine Datei BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-12-15] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) Toolbar: HKU\S-1-5-21-3912806440-3427432520-2885912131-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\rzi1zg4r.default FF Homepage: file:///E:/Backup/*******/Documents/firefox/starting%20page.html FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [2013-11-12] (EA Digital Illusions CE AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-18] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-30] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Extension: WOT - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\rzi1zg4r.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09] FF Extension: Adblock Plus - C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\rzi1zg4r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16] FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-12-15] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon Chrome: ======= CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-25] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-25] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.17\AsusFanControlService.exe [381824 2012-08-28] (ASUSTeK Computer Inc.) R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2802360 2015-11-24] (Microsoft Corporation) R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert] R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112640 2013-05-22] (Creative Technology Ltd) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2015-01-11] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-12-13] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-03] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-08-30] () S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-09-06] () S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\BASHDefs\20151218.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation) R3 CorsairVBusDriver; C:\Windows\System32\DRIVERS\CorsairVBusDriver.sys [47840 2015-09-28] (Corsair) R3 CorsairVHidDriver; C:\Windows\System32\DRIVERS\CorsairVHidDriver.sys [21728 2015-09-28] (Corsair) R3 cthda; C:\Windows\System32\drivers\cthda.sys [1060632 2013-05-22] (Creative Technology Ltd) R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [33560 2013-05-22] (Creative Technology Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation) R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\IPSDefs\20151218.001\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-09-06] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-21] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151221.002\ENG64.SYS [138488 2015-12-01] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.2.15\Definitions\VirusDefs\20151221.002\EX64.SYS [2148080 2015-12-01] (Symantec Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-22] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) S3 USBTINSP; C:\Windows\System32\DRIVERS\tinspusb.sys [142848 2010-03-29] (Texas Instruments) S3 CT20XUT; system32\drivers\CT20XUT.SYS [X] S3 CT20XUT.SYS; \SystemRoot\System32\drivers\CT20XUT.SYS [X] S3 ctac32k; system32\drivers\ctac32k.sys [X] S3 ctaud2k; system32\drivers\ctaud2k.sys [X] S3 CTEXFIFX; system32\drivers\CTEXFIFX.SYS [X] S3 CTEXFIFX.SYS; \SystemRoot\System32\drivers\CTEXFIFX.SYS [X] S3 CTHWIUT; system32\drivers\CTHWIUT.SYS [X] S3 CTHWIUT.SYS; \SystemRoot\System32\drivers\CTHWIUT.SYS [X] S3 ctprxy2k; system32\drivers\ctprxy2k.sys [X] S3 emupia; system32\drivers\emupia2k.sys [X] S3 ha20x22k; system32\drivers\ha20x22k.sys [X] S3 ha20x2k; system32\drivers\ha20x2k.sys [X] S4 NVHDA; system32\drivers\nvhda64v.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-21 16:32 - 2015-12-21 16:32 - 00000000 ____D C:\Program Files (x86)\ESET 2015-12-21 16:27 - 2015-12-21 16:27 - 02870984 _____ (ESET) C:\Users\*******\Desktop\esetsmartinstaller_deu.exe 2015-12-21 15:46 - 2015-12-21 16:03 - 00225664 _____ C:\TDSSKiller.3.1.0.9_21.12.2015_15.46.09_log.txt 2015-12-21 15:44 - 2015-12-21 15:44 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\*******\Desktop\tdsskiller.exe 2015-12-20 23:16 - 2015-12-20 23:16 - 00000000 ____D C:\Users\*******\AppData\Local\The Brotherhood 2015-12-20 18:43 - 2015-12-20 18:43 - 00095293 _____ C:\Users\*******\Downloads\Addition 2von2.txt 2015-12-20 18:43 - 2015-12-20 18:43 - 00034303 _____ C:\Users\*******\Downloads\Addition 1von2.txt 2015-12-20 18:29 - 2015-12-20 18:29 - 00095293 _____ C:\Users\*******\Desktop\Addition 2von2.txt 2015-12-20 18:27 - 2015-12-20 18:29 - 00034303 _____ C:\Users\*******\Desktop\Addition 1von2.txt 2015-12-20 18:10 - 2015-12-21 22:38 - 00021564 _____ C:\Users\*******\Desktop\FRST.txt 2015-12-20 18:10 - 2015-12-20 18:11 - 00129657 _____ C:\Users\*******\Desktop\Addition.txt 2015-12-20 17:04 - 2015-12-21 22:36 - 00000000 ____D C:\Users\*******\Desktop\FRST-OlderVersion 2015-12-20 16:04 - 2015-12-21 22:38 - 00000000 ____D C:\FRST 2015-12-20 16:02 - 2015-12-21 22:36 - 02370560 _____ (Farbar) C:\Users\*******\Desktop\FRST64.exe 2015-12-19 20:34 - 2015-12-19 20:58 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-12-19 20:34 - 2015-12-19 20:34 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-12-19 20:31 - 2015-12-19 20:31 - 82474680 _____ (Adobe Systems Incorporated) C:\Users\*******\Downloads\AcroRdrDC1500920069_de_DE.exe 2015-12-19 00:50 - 2015-12-19 00:50 - 00000000 ____D C:\Users\*******\AppData\LocalLow\Simogo 2015-12-18 22:00 - 2015-12-19 16:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-15 15:45 - 2015-12-16 00:13 - 00021558 _____ C:\Windows\ntbtlog.txt 2015-12-14 15:36 - 2015-12-14 15:36 - 00023592 _____ C:\Users\*******\Downloads\Der Heiland ist geboren.pdf 2015-12-12 23:55 - 2015-12-12 23:55 - 00000000 ____D C:\Users\*******\Documents\Outlook-Dateien 2015-12-08 19:42 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-12-08 19:42 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-12-08 19:42 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-12-08 19:42 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-08 19:42 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-08 19:42 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-08 19:42 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-12-08 19:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-08 19:42 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-08 19:42 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-12-08 19:42 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-12-08 19:42 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-12-08 19:42 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-08 19:42 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-08 19:42 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-12-08 19:42 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-08 19:42 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-08 19:42 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-08 19:42 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-08 19:42 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-08 19:42 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-08 19:42 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-08 19:42 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-08 19:42 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-08 19:42 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-08 19:42 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-08 19:42 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-08 19:42 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-08 19:42 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-08 19:42 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-08 19:42 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-08 19:42 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-08 19:42 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-08 19:42 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-08 19:42 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-08 19:42 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-08 19:42 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-08 19:42 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-08 19:42 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-08 19:42 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-08 19:42 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-08 19:42 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-08 19:42 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-08 19:42 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-08 19:42 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-08 19:42 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-08 19:42 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-12-08 19:42 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-08 19:42 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-08 19:42 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-08 19:42 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-08 19:42 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-08 19:42 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-08 19:42 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-08 19:42 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-08 19:42 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-08 19:42 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-08 19:42 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-08 19:42 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-08 19:42 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-08 19:42 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-08 19:42 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-08 19:42 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-08 19:42 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-08 19:42 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-12-08 19:42 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-08 19:42 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-08 19:42 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-08 19:42 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-08 19:42 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-08 19:42 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-08 19:42 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-08 19:42 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-08 19:42 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-08 19:42 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-08 19:42 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-08 19:42 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-08 19:42 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-08 19:42 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-08 19:42 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-08 19:42 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-08 19:42 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-08 19:42 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-08 19:42 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-08 19:42 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-08 19:42 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-08 19:42 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-08 19:42 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-08 19:42 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-08 19:42 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-12-08 19:42 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-12-08 19:42 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-08 19:42 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-08 19:42 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-12-08 19:42 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2015-12-08 19:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2015-12-08 19:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2015-12-08 19:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2015-12-08 19:42 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL 2015-12-08 19:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2015-12-08 19:42 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2015-12-08 19:42 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2015-12-08 19:42 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls 2015-12-08 19:42 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls 2015-12-08 19:41 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-08 19:41 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-08 19:41 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-08 19:41 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-08 19:41 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-08 14:58 - 2015-12-08 14:58 - 00021081 _____ C:\Users\*******\Downloads\Weihnachtslieder.pdf 2015-12-01 22:33 - 2015-12-01 22:34 - 00675632 _____ C:\Windows\Minidump\120115-29328-01.dmp 2015-12-01 21:38 - 2015-12-01 21:38 - 18220192 _____ (Adobe Systems Inc.) C:\Users\*******\Downloads\AdobeAIRInstaller.exe 2015-11-30 21:37 - 2015-11-30 21:37 - 00000000 ____D C:\Users\*******\AppData\Roaming\Ice-Pick Lodge 2015-11-29 23:54 - 2015-11-29 23:54 - 00000000 ____D C:\Users\*******\Documents\fallout 3 ini backup 2015-11-29 22:04 - 2015-11-29 22:04 - 00000000 ____D C:\Windows\SysWOW64\xlive 2015-11-29 22:04 - 2015-11-29 22:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE 2015-11-29 17:10 - 2015-11-29 21:25 - 00000000 ____D C:\Users\*******\AppData\Local\Fallout3 2015-11-29 02:41 - 2015-11-29 03:03 - 00000820 _____ C:\Windows\system32\DVCState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx 2015-11-28 21:15 - 2015-11-28 21:15 - 00000000 ____D C:\Users\*******\AppData\Roaming\Smart Recorder 2015-11-28 21:14 - 2015-11-28 21:14 - 00000000 ____D C:\Users\*******\AppData\Roaming\Creative 2015-11-28 20:35 - 2015-11-29 02:41 - 00062240 _____ C:\Windows\system32\BMXStateBkp-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx 2015-11-28 20:34 - 2015-11-29 02:40 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information 2015-11-28 20:33 - 2015-11-29 03:03 - 00000000 ____D C:\Windows\SysWOW64\Data 2015-11-28 20:33 - 2015-11-29 03:03 - 00000000 ____D C:\Windows\system32\Data 2015-11-28 20:33 - 2007-09-13 18:05 - 00002560 _____ () C:\Windows\system32\CTXFIGER.DLL 2015-11-28 20:33 - 2007-09-13 03:05 - 00002560 _____ () C:\Windows\SysWOW64\CTXFIGER.DLL 2015-11-28 20:33 - 2004-07-30 14:46 - 00020480 _____ (Creative Technology Limited) C:\Windows\SysWOW64\INRESGER.DLL 2015-11-27 16:27 - 2015-11-27 16:27 - 00000000 ____D C:\Users\*******\AppData\Roaming\Corsair 2015-11-27 16:27 - 2015-11-27 16:27 - 00000000 ____D C:\Users\*******\AppData\Local\Corsair 2015-11-27 16:26 - 2015-11-27 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2015-11-27 16:26 - 2015-11-27 16:26 - 00000000 ____D C:\Program Files (x86)\Corsair 2015-11-27 16:22 - 2015-11-27 16:22 - 00000000 ____D C:\Users\*******\Downloads\Corsair-Utility-Engine-v1.12.75 2015-11-27 16:21 - 2015-11-27 16:22 - 59659068 _____ C:\Users\*******\Downloads\Corsair-Utility-Engine-v1.12.75.zip 2015-11-26 17:19 - 2015-11-26 17:19 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360 2015-11-26 17:13 - 2015-11-26 17:13 - 00003206 _____ C:\Windows\System32\Tasks\Norton WSC Integration ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-21 21:09 - 2013-11-17 16:49 - 00000000 ____D C:\Users\*******\AppData\Roaming\TS3Client 2015-12-21 17:23 - 2011-04-12 08:43 - 00699416 _____ C:\Windows\system32\perfh007.dat 2015-12-21 17:23 - 2011-04-12 08:43 - 00149556 _____ C:\Windows\system32\perfc007.dat 2015-12-21 17:23 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-21 17:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-12-21 16:12 - 2014-05-16 19:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-21 15:44 - 2009-07-14 05:45 - 00030880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-21 15:44 - 2009-07-14 05:45 - 00030880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-21 15:40 - 2013-10-27 20:29 - 00000000 ____D C:\Program Files (x86)\Steam 2015-12-21 15:33 - 2015-07-31 13:27 - 00000000 ____D C:\Windows\System32\Tasks\Remediation 2015-12-21 15:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-20 18:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-19 20:35 - 2014-08-25 15:47 - 00000000 ____D C:\Users\*******\AppData\Local\Adobe 2015-12-19 20:34 - 2014-12-25 15:42 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-12-19 20:23 - 2013-10-27 20:54 - 00000000 ____D C:\ProgramData\Adobe 2015-12-19 19:08 - 2013-11-04 23:59 - 00000000 ____D C:\Users\*******\Documents\Gamesaves 2015-12-19 19:08 - 2013-11-04 23:56 - 00000000 ____D C:\Users\*******\Documents\games 2015-12-19 16:06 - 2013-11-06 18:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-12-19 01:40 - 2013-10-28 20:06 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-12-18 21:47 - 2009-07-14 04:20 - 00000000 __RSD C:\Windows\Media 2015-12-18 02:29 - 2015-04-05 01:31 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-12-18 02:29 - 2015-04-05 01:31 - 00000000 ___SD C:\Windows\system32\GWX 2015-12-16 22:07 - 2013-11-06 17:50 - 00000000 ____D C:\Users\*******\AppData\Local\NPE 2015-12-16 17:34 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-12-16 16:41 - 2013-12-14 14:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-12-16 16:30 - 2013-12-14 14:29 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-12-15 15:46 - 2014-05-13 13:44 - 00000000 ____D C:\NPE 2015-12-15 15:40 - 2014-04-27 14:48 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-15 15:39 - 2014-04-27 14:47 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-12-13 00:05 - 2013-11-05 00:00 - 00000000 ____D C:\Users\*******\Documents\University 2015-12-12 23:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-12-10 00:16 - 2013-11-13 20:11 - 00000456 _____ C:\Users\*******\Desktop\bestellliste.txt 2015-12-09 14:13 - 2009-07-14 05:45 - 00435408 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-09 00:53 - 2013-10-27 18:19 - 00000000 ____D C:\Windows\system32\MRT 2015-12-09 00:50 - 2013-10-27 18:19 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-06 19:36 - 2013-10-27 20:59 - 00000000 ____D C:\ProgramData\Origin 2015-12-03 16:46 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-12-03 16:39 - 2013-10-27 20:59 - 00000000 ____D C:\Program Files (x86)\Origin 2015-12-01 22:33 - 2013-10-27 22:59 - 1227878191 _____ C:\Windows\MEMORY.DMP 2015-12-01 22:33 - 2013-10-27 22:59 - 00000000 ____D C:\Windows\Minidump 2015-11-30 21:06 - 2014-10-24 16:31 - 00003353 _____ C:\Users\*******\Desktop\cart.txt 2015-11-29 17:09 - 2013-10-31 16:57 - 00000000 ____D C:\Users\*******\Documents\my games 2015-11-29 03:04 - 2013-11-16 16:13 - 00000000 ____D C:\Program Files (x86)\Creative 2015-11-29 03:03 - 2013-11-16 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative 2015-11-29 03:03 - 2013-11-16 16:13 - 00000078 ___RH C:\Windows\ctfile.rfc 2015-11-29 03:02 - 2013-11-16 16:17 - 00000000 ____D C:\ProgramData\Creative 2015-11-29 03:01 - 2013-10-27 16:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-11-26 17:14 - 2013-10-27 16:47 - 00000000 ____D C:\Windows\system32\Drivers\N360x64 2015-11-26 17:13 - 2015-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2015-11-26 17:13 - 2015-08-22 17:12 - 00002239 _____ C:\Users\Public\Desktop\Norton 360 Online.LNK 2015-11-24 21:03 - 2013-10-27 21:02 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-11-24 13:08 - 2014-05-16 19:48 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-01-05 21:00 - 2015-01-07 21:22 - 0001474 _____ () C:\Users\*******\AppData\Roaming\SpeedRunnersLog.txt 2014-05-06 16:11 - 2014-05-06 16:11 - 0007679 _____ () C:\Users\*******\AppData\Local\Resmon.ResmonCfg 2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\*******\AppData\Local\setup.txt 2013-10-30 18:38 - 2013-10-30 18:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-01-02 13:48 - 2014-11-03 13:48 - 0000032 ____R () C:\ProgramData\hash.dat 2015-10-17 22:00 - 2015-10-17 22:00 - 0000128 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\hash.dat Einige Dateien in TEMP: ==================== C:\Users\*******\AppData\Local\Temp\OfficeSetup.exe C:\Users\*******\AppData\Local\Temp\_is9C0F.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-12 23:02 ==================== Ende von FRST.txt ============================ |
|
22.12.2015, 13:32
| #6 |
| /// Malwareteam | Rundumcheck Hi, das ist nichts schlimmes. Der Rechner ist sauber  Dann wären wir hier durch. Deine Logs sind sauber Falls du deine Passwörter nicht regelmäßig änderst - jetzt ist der Zeitpunkt dafür! Schritt # 1: Entfernen unserer Tools Die Reihenfolge ist hier entscheidend.
Abschließend noch ein paar Tipps von mir: Schritt # 2: Empfohlene Software Habe immer ein aktuelles Antivirenprogramm deiner Wahl installiert und aktiviere die automatischen Updates (standardmäßig eingeschaltet). Ich empfehle:
Verwende nach Möglichkeit nicht den Internet Explorer, da dieser viele Sicherheitslücken enthält. Achte aber darauf, dass er immer up to date bleibt, weil viele Programme diesen zum Anzeigen von Websites benutzen. Alternativ kannst du verwenden:Dazu sind folgende Add-ons empfehlenswert:  uBlock Origin (Chrome) --> Blockiert Werbung. Werbung kann sehr nervig sein, aber auch auf schädliche Links verweisen. uBlock ist effizienter als der Konkurrent AdblockPlus. Ghostery --> Blockiert Tracker und Cookies, welche dich im Internet nachverfolgen können. Stelle jedoch bei der Installation sicher, dass du Ghostrank nicht zustimmst.Du kannst auch  Malwarebytes Anti-Exploit verwenden, um aktuelle Sicherheitslücken zu stopfen.Halte immer deine Plug-ins und Software aktuell, vor allem:
PluginCheck Filehippo App Manager Schritt # 3: Tipps um eine Neuinfektion zu vermeiden Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal wie FilePony.de. Von Downloadern wie die von Chip, Softonic und Sourceforge raten wir ab: CHIP-Installer - was ist das? - Anleitungen Auch versuchen sich immer mehr Programme durch Installationsroutinen auf den PC "durchzumogeln". Das klappt ganz gut, weil viele Anwender sich diese nicht genau durchlesen und schnell durchklicken. Manchmal steht auch in den Lizenzvereinbarungen, dass ein Programm, was eigentlich als Freeware angepriesen wird, nur genutzt werden kann, wenn man sich bestimmte Toolbars oder andere Programme mitinstallieren lässt. Da hilft es nur aufmerksam zu sein. Ein Tool, welches dich dabei gut unterstützen kann, ist:  Unchecky. Dieses überwacht im Hintergrund Installationsprozesse und hakt automatisch nervige Adwarekomponenten wie Toolbars ab. Falls man etwas übersieht, warnt noch ein Pop-up, bevor man fortfahren kann.Wir raten von jeglichen Optimizern, Cleanern, SpeedUps und Ähnlichem ab, da diese Softwareprodukte meist keinen Performancegewinn bringen. Du kannst jedoch regelmäßig deinen PC mit der windowsinternen Datenträgerbereinigung behandeln. Überprüfe regelmäßig (mind. 1x pro Monat) deinen PC mit Malwarebytes Anti-Malware und  ESET.Falls du dir unsicher bist, ob ein Download wirklich sauber ist, kannst du immer https://www.virustotal.com/ zurate ziehen. Schritt # 4: Unterstütze uns! Wenn du uns mit einer kleinen Spende unterstützen möchtest, so kannst du dies hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html  Es reicht aber auch schon ein simples  hier, wenn du mit uns zufrieden warst.  unsere Facebook-Seite!Bitte gib mir bescheid, wenn du das alles gelesen hast und alles klar ist, damit ich dieses Thema aus meinen Abos löschen kann.
__________________ --> Rundumcheck |
|
22.12.2015, 17:04
| #7 |
| | Rundumcheck Hi! Super, freut mich, das zu hören! Dann noch einmal vielen Dank für die großartige Hilfe! Schritte habe ich größtenteils abgearbeitet (Norton hat bei DelFix zwar erst mal rumgemeckert, aber das ist erledigt). Liebe Grüße, ein frohes Fest und schon mal einen guten Rutsch ins neue Jahr! Felix |
|
22.12.2015, 17:34
| #8 |
| /// Malwareteam | Rundumcheck Wünsch ich dir ebenfalls! |
|
| Themen zu Rundumcheck |
| adobe, bonjour, computer, defender, dnsapi.dll, explorer, firefox, helper, homepage, installation, launch, mozilla, neustart, programm, prozess, prozesse, realtek, registry, rundll, services.exe, software, stick, svchost.exe, symantec, temp, usb, windows |
Emsisoft Anti-Malware
Microsoft Security Essentials
Mozilla Firefox
Google Chrome
Flash Player
Java
PDF Reader
Linear-Darstellung
