| |
| |||||||
Log-Analyse und Auswertung: Rechner total infiziert, zerschossen, hinüber, keine Ahnung.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
09.01.2016, 15:37
| #1 |
 |  Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, in den einen oder andern Thread hab ich geschrieben, dass ich möglichst viel selbst machen möchte. Learning by doing. Ansich bin ich recht "gut" darin selbst Fehler zu finden und zu beheben, google sei dank. Doch an einem Rechner beiß ich mir die Zähne aus. Die Fehler lassen sich von mir nicht lokalisieren und beheben. Ich versuche mal eine Kurzfassung zu schreiben: -Rechner ist total langsam. Ca. 5 oder mehr Minuten zum bootvorgang. - es kommen x^n Fehlermeldung - Graka raucht ab (Das war mir vorher schon bewusst). Es könnten noch die einen oder anderen unbekannten Probleme auftauchen, die mir nicht bewusst gewoden sind. Nu das nächste Problem. Ich hab zwar Zugang zum Rechner, doch Plattmachen kommt für die nächsten Wochen nicht in Frage.(Falls es überhaupt sein muss, was ich leider befürchte...) Besitzer ist auf Reisen weshalb Sie mit mir zusammen Daten sichern möchte, um auf der sicheren Seite zu sein. Nicht das wichtige Dokumente im Datennirvana verschwinden... Zwecks Cracks, Keygens, other illegal stuff, keine Ahnung. Habe den Rechner mit einer frischen Installation vor mehrern Jahren übernommen und weitergegeben. Seit dem nicht mehr gesehen. Leider stehe ich gerade unter Zugzwang und kann wenn heute Abend erst irgendwelche Logs posten. (Danke schonmal für eure Bausteine  ) Könnte sich einer mal einen Überblick verschaffen? Das wäre nett!  PS: Wenn es möglich ist, möchte ich alle sensiblen Daten unkenntlich machen. PPS: Ich hab keine Logs, keine Virenfunde kein gar nichts hier. Hab ihn bekommen und angeschlossen. PPPS: Firefox geht nun gar nicht mehr. Wird immer besser Gruß Plankton hi, hatte noch Zeit einen ersten Suchlauf mit ADW und MBAM zu machen. Leider finde ich nirgends den Log zu MBAM. Unter den ganzen Protokollen war nur die Schutzprotokolle zu finden, nicht der Suchlog. Code:
ATTFilter # AdwCleaner v5.028 - Bericht erstellt am 09/01/2016 um 15:27:36
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x86)
# Benutzername : XXXXX - KESSEL-PC
# Gestartet von : C:\Users\XXXXX\Desktop\adwcleaner_5.028.exe
# Option : Löschen
# Unterstützung : http://toolslib.net/forum
***** [ Dienste ] *****
[-] Dienst Gelöscht : DnsBlockUpdateSvc
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\Program Files\myfree codec
[!] Ordner Nicht Gelöscht : C:\Program Files\{8304F121-E05F-4470-83A4-7033D9B65E80}
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\742foh81.default\Extensions\staged\{a2bff6ba-8d18-488c-853c-ad9bc29f2482}
[!] Ordner Nicht Gelöscht : C:\Users\XXXXX\AppData\Local\DnsBlock
[#] Ordner Gelöscht : C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\3dnfo0e4.default-1429815653061\Extensions\anttoolbar@ant.com
[!] Ordner Nicht Gelöscht : C:\Windows\Installer\{F8B78F42-4AE5-41B6-A922-0108D1D474F0}
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\742foh81.default\user.js
[-] Datei Gelöscht : C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\3dnfo0e4.default-1429815653061\user.js
[-] Datei Gelöscht : C:\Windows\system32\DnsBlockUpdateSvc.exe
[-] Datei Gelöscht : C:\Windows\system32\dns.block
[-] Datei Gelöscht : C:\Windows\system32\GroupPolicy\Machine\Registry.pol
[-] Datei Gelöscht : C:\Windows\system32\GroupPolicy\GPT.ini
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\c
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\CLASSES\APPID\DPBHO.DLL
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1C6F51F8-BCE6-4702-8952-6A8233359FBC}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E7BF74EE-9106-4113-B216-2F980BA29141}
[!] Schlüssel Nicht Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
[!] Schlüssel Nicht Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\DownloadProtect
[!] Schlüssel Nicht Gelöscht : HKCU\Software\CLKAPP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\WebBar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Hola
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Hola
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Hola
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\video MediaPlay-Air
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2753653969-2359815990-1846906343-1020-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2753653969-2359815990-1846906343-1020-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\DownloadProtect
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2753653969-2359815990-1846906343-1020-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\CLKAPP
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2753653969-2359815990-1846906343-1020-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-2753653969-2359815990-1846906343-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Myfree Codec
***** [ Internetbrowser ] *****
[-] [C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\3dnfo0e4.default-1429815653061\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
########## EOF - C:\AdwCleaner\AdwCleaner[C16].txt - [8542 Bytes] ##########
Geändert von P.Lankton (09.01.2016 um 14:33 Uhr) |
|
09.01.2016, 19:59
| #2 |
| /// Malwareteam  | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen. Bitte beachte, dass es ein paar Regeln gibt:
Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM! Wir schauen zuerst mal nach Malware, wobei auch die Festplatte abgeraucht sein könnte, mal schauen. Schritt # 1: FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt # 2: TDSS Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Schritt # 3: Bitte Posten
__________________ |
|
09.01.2016, 21:46
| #3 |
| | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi,
__________________heute schaff ich es nicht mehr. War zu lang unterwegs. Morgen arbeite ich Schritt für Schritt die Schritte durch. Ähm, beim AdW Log hab ich ja alle Namen durch XXXX ersetzen können, sowie beim ESETLog auch. Laut dem Log hat er nur die ADW funde entfernt. Wie kann ich sensible Daten, falls vorhanden unkenntlich machen? Möchte ungern das jemand Rückschlüsse auf die Personen ziehen kann.  danke und bis morgen Gruß Plankton |
|
10.01.2016, 11:53
| #4 |
| /// Malwareteam | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, ja du musst halt die Logs durchschauen, was persönliche Infos sind und was nicht deiner Meinung nach. Aber bitte keine Zeilen rauslöschen sondern am besten so wie vorher durch Xerln ersetzen. Ich kann auch nicht immer, also einfach antworten wanns geht |
|
10.01.2016, 13:08
| #5 |
| | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, hier die logs Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:09-01-2015
durchgeführt von XXXX (Administrator) auf Banane-Kirsch (10-01-2016 12:54:25)
Gestartet von C:\Users\XXXX\Desktop
Geladene Profile: XXXX (Verfügbare Profile: XXXX & Gast)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(hxxp://libusb-win32.sourceforge.net) C:\Windows\System32\libusbd-nt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-10] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-10-15] (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.246.64.8 62.220.18.8
Tcpip\..\Interfaces\{E6849F8A-240A-497D-B345-3A8F58514B42}: [DhcpNameServer] 89.246.64.8 62.220.18.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020 -> {970AEA44-9A13-4C45-98BB-6A399F1BD453} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020 -> {B3658E89-7EB9-431A-9B65-D879396CE693} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020 -> {DFB49A55-BD5E-45B3-8E40-342D7DCEDC9B} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020 -> {E6B1E037-366A-4BD0-A03B-769ACEC4812D} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-20] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-07] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-20] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\3dnfo0e4.default-1429815653061
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-03-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-2753653969-2359815990-1846906343-1020: @phonostar.de/phonostar -> C:\Program Files\dradio-Recorder\npphonostarDetectNP.dll [Keine Datei]
FF Extension: avast! Ad Blocker - C:\Program Files\Mozilla Firefox\extensions\adblocker@avast.com.xpi [2013-02-25] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-16]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-15] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3219136 2015-10-15] (Avast Software)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
U2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15904544 2014-02-05] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
S2 AntiVirSchedulerService; "C:\Program Files\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [X]
S4 AntiVirWebService; "C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-10-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-10-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-10-15] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [115640 2015-10-15] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-10-15] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69240 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1093888 2011-12-12] (Broadcom Corporation)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1872192 2010-02-09] (C-Media Inc)
R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [107984 2015-10-15] (AVAST Software)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-27] (NVIDIA Corporation)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21472 2011-07-22] (Windows (R) Win 7 DDK provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-10-15] (Avast Software)
S3 catchme; \??\C:\Users\Kessel\AppData\Local\Temp\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 MEMSWEEP2; \??\C:\Windows\system32\EE06.tmp [X]
S0 PxHelp20; system32\DRIVERS\PxHelp20.sys [X]
S3 XDva405; \??\C:\Windows\system32\XDva405.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-10 12:54 - 2016-01-10 12:54 - 01721856 _____ (Farbar) C:\Users\XXXX\Desktop\FRST.exe
2016-01-10 12:54 - 2016-01-10 12:54 - 00015394 _____ C:\Users\XXXX\Desktop\FRST.txt
2016-01-10 12:54 - 2016-01-10 12:54 - 00000000 ____D C:\FRST
2016-01-10 12:49 - 2016-01-10 12:53 - 00206580 _____ C:\TDSSKiller.3.1.0.9_10.01.2016_12.49.27_log.txt
2016-01-10 12:48 - 2016-01-10 12:49 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\XXXX\Desktop\tdsskiller.exe
2016-01-09 21:41 - 2016-01-09 21:44 - 00010338 _____ C:\Users\XXXX\Desktop\Esetlog.txt
2016-01-09 16:03 - 2016-01-09 16:03 - 02870984 _____ (ESET) C:\Users\XXXX\Downloads\esetsmartinstaller_deu.exe
2016-01-09 15:59 - 2016-01-09 15:59 - 00001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-09 15:59 - 2016-01-09 15:59 - 00001118 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-09 15:56 - 2016-01-09 15:57 - 00248736 _____ C:\Users\XXXX\Downloads\Firefox Setup Stub 43.0.4.exe
2016-01-09 15:34 - 2016-01-09 15:35 - 16563352 _____ (Malwarebytes Corp.) C:\Users\XXXX\Downloads\mbar-1.09.3.1001.exe
2016-01-09 14:47 - 2016-01-09 16:00 - 00000000 ____D C:\Program Files\Opera
2016-01-09 14:45 - 2016-01-09 14:45 - 00001073 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-09 14:28 - 2015-12-20 11:34 - 00191584 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2016-01-09 14:28 - 2015-12-20 11:34 - 00191072 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2016-01-09 14:28 - 2013-03-13 21:19 - 00861088 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2016-01-09 14:28 - 2013-03-13 21:19 - 00782240 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2016-01-02 21:07 - 2016-01-02 21:08 - 66130920 _____ (Landesfinanzdirektion Thüringen) C:\Users\XXXX\Downloads\ElsterFormular-16.3.170.20151019p.exe
2016-01-02 18:21 - 2016-01-02 18:21 - 00000000 ____D C:\Users\XXXX\Downloads\Ant Videos
2016-01-02 16:01 - 2016-01-02 16:26 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\dBpoweramp
2016-01-02 16:01 - 2016-01-02 16:01 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\AccurateRip
2016-01-02 13:03 - 2016-01-02 13:03 - 00000000 ____D C:\Users\Public\CyberLink
2016-01-01 19:46 - 2016-01-01 19:46 - 00000034 _____ C:\Windows\cdplayer.ini
2016-01-01 19:23 - 2016-01-01 19:46 - 00000000 ____D C:\Program Files\Audiograbber
2015-12-30 17:01 - 2015-12-30 17:01 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\FreeDownloadManager.ORG
2015-12-30 17:01 - 2015-12-30 17:01 - 00000000 ____D C:\ProgramData\FreeDownloadManager.ORG
2015-12-30 17:00 - 2015-12-30 17:00 - 10796688 _____ (FreeDownloadManager.ORG ) C:\Users\XXXX\Downloads\fdminst.exe
2015-12-28 23:02 - 2016-01-10 12:51 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-26 12:47 - 2015-12-29 18:33 - 00000000 ____D C:\Users\XXXX\Desktop\Bewerbungsunterlagen, korrigiert
2015-12-26 12:20 - 2015-12-26 12:23 - 00000000 ____D C:\Users\XXXX\Desktop\Photos 3
2015-12-26 12:18 - 2015-12-26 12:18 - 00000000 ____D C:\Users\XXXX\Desktop\Photos 2
2015-12-25 13:09 - 2015-12-25 13:10 - 00000000 ____D C:\Users\XXXX\Desktop\Photos
2015-12-20 11:50 - 2016-01-01 11:46 - 00000000 ____D C:\Users\XXXX\PC Tools
2015-12-20 11:35 - 2015-12-20 11:35 - 00000000 ____D C:\Program Files\Common Files\Java
2015-12-20 11:34 - 2015-12-20 11:34 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Sun
2015-12-20 11:34 - 2015-12-20 11:34 - 00000000 ____D C:\Users\XXXX\.oracle_jre_usage
2015-12-20 11:31 - 2015-12-20 11:31 - 00000000 ____D C:\Users\XXXX\AppData\LocalLow\Oracle
2015-12-20 11:29 - 2015-12-20 11:29 - 00000000 ____D C:\Users\XXXX\AppData\Local\Windows Live
2015-12-20 11:27 - 2015-12-20 11:27 - 00000020 _____ C:\Windows\€ùW
2015-12-19 14:16 - 2015-12-20 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office-Bibliothek
2015-12-19 14:16 - 2015-12-20 11:25 - 00000000 ____D C:\Program Files\Office-Bibliothek
2015-12-19 14:16 - 2015-12-19 14:16 - 00000000 ____D C:\ProgramData\BIFAB
2015-12-18 20:59 - 2015-11-20 19:34 - 02956800 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-18 20:59 - 2015-11-20 19:34 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-18 20:59 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-18 20:59 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-18 20:59 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-18 20:59 - 2015-11-20 19:34 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-18 20:59 - 2015-11-20 19:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-18 20:59 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-18 20:59 - 2015-11-20 19:33 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-18 20:59 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-18 20:59 - 2015-11-20 19:33 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-18 20:59 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-18 20:59 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-18 20:59 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-18 20:59 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-18 20:59 - 2015-11-05 10:48 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-18 20:59 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-18 20:59 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-16 18:18 - 2015-12-16 18:18 - 00000207 _____ C:\Windows\tweaking.com-regbackup-Banane-Kirsch-Windows-7-Professional-(32-bit).dat
2015-12-16 18:18 - 2015-12-16 18:18 - 00000000 ____D C:\RegBackup
2015-12-16 18:11 - 2015-12-16 18:11 - 00000000 ____D C:\Program Files\Tweaking.com
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-10 12:54 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-10 12:53 - 2015-02-07 20:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-10 12:51 - 2009-07-14 05:34 - 00025328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-10 12:51 - 2009-07-14 05:34 - 00025328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-10 12:39 - 2013-02-05 20:38 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-10 12:39 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-09 16:04 - 2014-03-01 17:46 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-09 16:00 - 2014-10-10 19:57 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Opera Software
2016-01-09 16:00 - 2014-10-10 19:57 - 00000000 ____D C:\Users\XXXX\AppData\Local\Opera Software
2016-01-09 15:39 - 2014-05-17 16:29 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-09 15:38 - 2014-07-28 16:29 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-09 15:27 - 2013-11-25 22:10 - 00000000 ____D C:\AdwCleaner
2016-01-09 15:27 - 2009-07-14 03:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-01-09 15:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Web
2016-01-09 14:45 - 2014-07-28 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-01-09 14:45 - 2014-07-28 16:29 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2016-01-09 14:30 - 2013-02-18 16:13 - 00000000 ____D C:\Program Files\CCleaner
2016-01-09 14:28 - 2013-02-23 19:22 - 00000000 ____D C:\Program Files\Java
2016-01-09 14:27 - 2014-07-24 09:49 - 00000000 ____D C:\Program Files\Free Download Manager
2016-01-03 10:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-02 21:09 - 2015-10-18 12:57 - 00000000 ____D C:\Program Files\ElsterFormular
2016-01-02 17:52 - 2013-02-05 20:27 - 01658084 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-02 17:52 - 2009-07-14 09:47 - 00713394 _____ C:\Windows\system32\perfh007.dat
2016-01-02 17:52 - 2009-07-14 09:47 - 00155330 _____ C:\Windows\system32\perfc007.dat
2016-01-02 16:26 - 2014-05-18 11:56 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\vlc
2016-01-02 13:03 - 2014-12-08 19:40 - 00000000 ____D C:\ProgramData\CyberLink
2015-12-29 15:53 - 2015-02-07 20:39 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-29 15:53 - 2015-02-07 20:39 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-26 12:37 - 2014-07-20 15:11 - 00000000 ___RD C:\Users\XXXX\Documents\Scanned Documents
2015-12-20 18:46 - 2015-10-22 18:49 - 00153826 _____ C:\Users\XXXX\Desktop\Elsterformular Daten hinzufügen.elfo
2015-12-20 11:50 - 2014-05-16 12:36 - 00000000 ____D C:\Users\XXXX
2015-12-20 11:40 - 2015-05-15 18:40 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2015-12-20 11:36 - 2013-10-26 11:20 - 00000000 ____D C:\ProgramData\Oracle
2015-12-20 11:35 - 2013-10-26 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-20 11:34 - 2014-05-05 12:22 - 00278624 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-12-20 11:34 - 2013-02-23 19:22 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-12-20 11:29 - 2013-02-20 12:00 - 00000000 ____D C:\Program Files\Windows Live
2015-12-20 11:28 - 2013-02-20 11:56 - 00000000 ____D C:\Program Files\Common Files\Windows Live
2015-12-20 11:27 - 2013-02-05 21:40 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-12-20 11:27 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-20 11:26 - 2015-08-16 15:09 - 00000079 _____ C:\Windows\wininit.ini
2015-12-19 20:36 - 2015-12-09 13:15 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-19 20:34 - 2013-06-28 13:56 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-19 17:19 - 2015-09-26 19:33 - 00436552 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-19 14:48 - 2015-04-04 09:16 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-19 14:20 - 2015-09-26 19:43 - 00124480 _____ C:\Users\XXXX\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-19 14:17 - 2014-05-17 10:46 - 00000000 ____D C:\Users\XXXX\AppData\Local\VirtualStore
2015-12-19 12:01 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-12-19 11:12 - 2014-06-08 14:46 - 00000000 ____D C:\ProgramData\elsterformular
2015-12-18 22:06 - 2013-02-20 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-18 22:05 - 2013-02-20 12:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-18 21:56 - 2013-08-05 16:10 - 00000000 ____D C:\Windows\system32\MRT
2015-12-18 21:56 - 2013-02-05 21:18 - 137798368 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-16 19:08 - 2015-07-10 14:39 - 00000000 ___HD C:\$Windows.~BT
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-12-07 19:05 - 2014-12-08 20:05 - 0000064 _____ () C:\Users\XXXX\AppData\Roaming\WB.CFG
2014-05-30 14:22 - 2014-05-30 14:22 - 0000099 _____ () C:\Users\XXXX\AppData\Local\fusioncache.dat
2013-02-07 22:23 - 2013-02-07 22:23 - 0000040 _____ () C:\ProgramData\ra3.ini
Einige Dateien in TEMP:
====================
C:\Users\XXXX\AppData\Local\temp\DseShExt-x86.dll
C:\Users\XXXX\AppData\Local\temp\nsuB4ED.exe
C:\Users\XXXX\AppData\Local\temp\SDShelEx-win32.dll
C:\Users\XXXX\AppData\Local\temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-01-09 19:10
==================== Ende vom FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:09-01-2015
durchgeführt von XXXXX (2016-01-10 12:55:04)
Gestartet von C:\Users\XXXXX\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-02-05 19:24:13)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2753653969-2359815990-1846906343-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2753653969-2359815990-1846906343-1005 - Limited - Enabled)
Gast (S-1-5-21-2753653969-2359815990-1846906343-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2753653969-2359815990-1846906343-1002 - Limited - Enabled)
XXXXX (S-1-5-21-2753653969-2359815990-1846906343-1020 - Administrator - Enabled) => C:\Users\XXXXX
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.4.2233 - AVAST Software)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink Media Suite 10 (HKLM\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
dBpoweramp DSP Effects (HKLM\...\dBpoweramp DSP Effects) (Version: Release 6 - Illustrate)
dBpoweramp m4a Nero AAC Encoder (HKLM\...\dBpoweramp m4a Nero AAC Encoder) (Version: Release 1 - Illustrate)
dBpoweramp Music Converter (HKLM\...\dBpoweramp Music Converter) (Version: Release 14.4 - Illustrate)
dBpoweramp Ogg Vorbis Codec (HKLM\...\dBpoweramp Ogg Vorbis Codec) (Version: Release 22 (Vorbis v1.3.3) - Illustrate)
dBpoweramp Windows Media Audio 10 Codec (HKLM\...\dBpoweramp Windows Media Audio 10 Codec) (Version: Release 7 - Illustrate)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.2.24.20150630 - Landesfinanzdirektion Thüringen)
Englischlehrer.de Klausuren-Bewertungsbogen 2.1.0 (HKLM\...\Englischlehrer.de Klausuren-Bewertungsbogen) (Version: 2.1.0 - )
Facebook Messenger 2.1.4814.0 (HKLM\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.)
Free YouTube Download version 3.2.61.805 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.61.805 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
K-Lite Codec Pack 6.0.4 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LibUSB-Win32-0.1.10.1 (HKLM\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Lotus Word Pro 96 (HKLM\...\WordPro V96.0) (Version: - )
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
mathepower.de - 2013 (HKLM\...\{90F1F08B-EF46-481A-89C4-184613B96572}_is1) (Version: 2013 - Computerdienst Meyn GmbH)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 43.0.4 (x86 de) (HKLM\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
MSI Afterburner 2.3.1 (HKLM\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
NETGEAR WNA3100 wireless USB 2.0 driver (HKLM\...\{CF7B20C3-C08E-422B-B6A1-225A9A0F13AC}) (Version: 2.1.0.0 - NETGEAR)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA nTune (HKLM\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office-Bibliothek (HKLM\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) (Version: 5.00.4 - Bibliographisches Institut GmbH)
Oxford Advanced Learner's Dictionary - 8th Edition (HKLM\...\NSIS_oald8) (Version: - )
Paragon Software PONS-CD 7 (HKLM\...\Paragon Software PONS-CD 7) (Version: - )
Red Line Grammatik Sprachtrainer (HKLM\...\{E56D4424-C89F-4D96-96F9-FC5DA7E37F49}) (Version: 1.00.000 - Klett)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Trust 5.1 Soundcard 14319 (HKLM\...\C-Media PCI Audio Driver) (Version: - )
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.194 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
Winamp (HKLM\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
YouCam (Version: 3.1.5324 - CyberLink Corp.) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2F3E0A66-1E3A-4907-BA3E-DE17FCAF0269} - System32\Tasks\Google Updater and Installer => C:\Users\Kessel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {42F4F92F-E6C3-4978-BAF6-26FE4ED1BDFC} - System32\Tasks\{71130AC4-9D5F-4EF1-AE8F-15C9AC8BAF6F} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {46738277-B9B9-4C70-A72D-D8A6B71BD05C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {4A6F01A4-0460-4079-A426-DF1301E2739A} - System32\Tasks\{391EFD2E-99DD-459E-AF20-29F1954AE901} => pcalua.exe -a "C:\Users\XXXXX\Downloads\wmp11-windowsxp-x86-DE-DE.exe" -d "C:\Users\XXXXX\Downloads"
Task: {4D77F6C8-BB07-4B7E-A39D-97E365504C9C} - System32\Tasks\{CDF0AF54-7DBA-43B0-AA5F-C514A9539756} => pcalua.exe -a E:\Setup.exe -d E:\
Task: {5F5AC907-C8DB-4A7F-B594-F1342F4A9F1D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {6531C4CC-B24F-4D9B-9672-F305BBB46538} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-18] (Google Inc.)
Task: {6AEF0C98-2CB4-4B67-8C70-4C977C7355CC} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {6B08AF71-5829-4767-BD97-6383510CE30A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {6E93AE83-9CF0-4381-8B48-A84B4B0D37B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {72F4AB2B-3B97-4666-932A-846109FA97A1} - System32\Tasks\{0935E5A2-E841-4107-8572-0F7238D7B0C1} => pcalua.exe -a "C:\Users\XXXXX\Downloads\wmp11-windowsxp-x86-DE-DE(2).exe" -d "C:\Users\XXXXX\Downloads"
Task: {750F00D3-6060-4B8A-88C2-02AAD86C3A03} - System32\Tasks\{F805E1A3-6231-4E26-87B3-70F78D3ACA89} => pcalua.exe -a E:\setup.exe -d E:\
Task: {8B1BA3E3-4928-401D-8B1C-5B49F26DAD5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-18] (Google Inc.)
Task: {8C6D3E7F-DD03-43F9-BD09-C32DA749103B} - System32\Tasks\{2EE1056A-97D8-4049-82DB-9765855F5C31} => C:\Program Files\Skype\Phone\Skype.exe
Task: {9BA97BD3-1AD0-49F6-B959-BE608F77B157} - System32\Tasks\{71BC1623-EC56-4D14-AAEA-C16FAED93932} => pcalua.exe -a E:\Driver\Setup_Afterburner.exe -d E:\Driver
Task: {9DF671B1-868E-47BA-A094-9E0E1A6C5B21} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {A7F5EE44-D396-47A2-A903-C266273A00D4} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2012-06-14] (CyberLink)
Task: {B0803E06-8410-49BD-9F38-22B59E0B8B6E} - System32\Tasks\{0C602DE5-8B65-42D0-851A-D6A57B44E5D0} => pcalua.exe -a E:\install_flash_player_active_x.exe -d E:\
Task: {B14031D6-5426-41BC-8A59-5C35D85A75B5} - System32\Tasks\{2433512E-B599-409C-A51C-57E4AA44C9B6} => pcalua.exe -a "C:\Program Files\HQPureQualV1.8\Uninstall.exe" -c /fcp=1
Task: {B1F4936F-AB85-4EFD-9B77-91590DE6B6D8} - System32\Tasks\{0575DD58-BF0B-41ED-81CB-1D0EA80F924D} => pcalua.exe -a "C:\Users\XXXXX\Desktop\Bing-Maps-3D.exe" -d "C:\Users\XXXXX\Desktop"
Task: {C0BA2BAD-B978-4CB2-AD84-D15A7A4B3D7D} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-11-09] (Oracle Corporation)
Task: {C4CDDE66-CDD3-4FDB-8814-57801F5D5834} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {D622195C-D680-4FEA-9C56-59660C7C9E94} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {D9F51BFE-11FD-4E9E-A4BB-EB07C020D7AC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-15] (AVAST Software)
Task: {ED90D98A-66FB-4394-93BD-751EE0AE61C9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {FA9112B4-66ED-4937-936F-620587C8A22C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-02-05 20:38 - 2014-03-04 13:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-10-15 18:02 - 2015-10-15 18:02 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-15 18:02 - 2015-10-15 18:02 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-09 19:30 - 2016-01-09 19:30 - 02821120 _____ () C:\Program Files\AVAST Software\Avast\defs\16010901\algo.dll
2013-02-05 22:24 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-11-29 19:48 - 2011-12-07 18:31 - 00303360 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
2014-11-29 19:48 - 2011-10-25 14:54 - 00372736 _____ () C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
2015-10-15 18:02 - 2015-10-15 18:02 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\XXXXX\Desktop\Bild.jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\XXXXX\Desktop\Bild.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\XXXXX\Documents\~$risten machen Schule Zwickau.doc:DocumentSummaryInformation
AlternateDataStreams: C:\Users\XXXXX\Documents\~$risten machen Schule Zwickau.doc:SummaryInformation
AlternateDataStreams: C:\Users\XXXXX\Documents\~$risten machen Schule Zwickau.doc:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\XXXXX\Documents\~$werbung Jeetzeschule.doc:DocumentSummaryInformation
AlternateDataStreams: C:\Users\XXXXX\Documents\~$werbung Jeetzeschule.doc:SummaryInformation
AlternateDataStreams: C:\Users\XXXXX\Documents\~$werbung Jeetzeschule.doc:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\...\123simsen.com -> www.123simsen.com
Da befinden sich 7866 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:04 - 2015-05-15 18:58 - 00449968 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15463 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2753653969-2359815990-1846906343-1020\Control Panel\Desktop\\Wallpaper -> C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 89.246.64.8 - 62.220.18.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA3100 Genie.lnk => C:\Windows\pss\NETGEAR WNA3100 Genie.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Free Download Manager => "C:\Program Files\Free Download Manager\fdm.exe" -autorun
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: NVIDIA nTune => "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6FE1887B-D571-4A30-A728-2D457DB23F0B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9BA6B65E-A335-40E0-82B8-BAF3F2A27AD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{61526BD9-9A63-4855-9108-ADC5513C379E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D2690348-2F5A-4A3F-8028-B4E8D295189E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E90F06FB-3C4B-4B05-B6C6-AAACE87BEE03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4720E975-9EE3-43A3-95A1-EBD961013C76}] => (Allow) C:\Program Files\Winamp\winamp.exe
FirewallRules: [{2A210D3B-6F99-4B1E-8189-02D8349C5547}] => (Allow) C:\Program Files\Winamp\winamp.exe
FirewallRules: [{EFD70090-6815-4884-BB36-CBE606D10137}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{51FE0278-B6F6-4433-86E4-DF36496D05A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{19A931E9-83AD-4AFD-833F-3EF9EA016743}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C75E2871-F564-4A33-A2C6-3B0CD8E20B75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{924862E0-9EBF-4233-908F-4FF2A8E19916}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{170AE2DE-6C43-43B9-B21C-D2CA5077335A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EF4709FC-9165-4791-B8AA-3B9294AD2432}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{82705C03-7DF1-4442-8422-40382FAF2AFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7BA6B31E-0067-4C9B-9D72-67B2F160EF09}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4007DA2C-3EA8-42BF-A39C-D2F27ED3D69B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1D0118C9-C541-4394-B460-1FE7979905A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3CC139C5-1ABA-42D7-ABA0-288D8D0381EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A114FA01-88D2-4CBB-A57F-0F767380846B}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FE0C8E59-A40E-4B68-9552-FBD9EEF16D46}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{214E3C21-F80F-4CC3-91EC-1E0BCB952294}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CB71CC34-21A4-4EC4-AEF9-CAC7FD6FAAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8BCDF2A8-6FF0-476A-9814-6EE5BDDCD59A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1C5716B1-375A-4225-9CC7-F2B980F638D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C9A9A2F9-8FE6-46DA-A37B-1B73948114F2}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{BD8B6714-C12C-4DB7-8F65-CCB9F2D63394}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{1B65C34C-1517-40BE-8ABF-A3839FA42CE7}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{6A448CDD-051F-490B-B158-BA172959AC52}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{2F3F75B9-5FA0-46F2-ADEC-1EC1692EBD34}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{743900F6-A705-4B7F-8C1D-7B521A3308CE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{246913D2-6B2C-4EE6-B28F-2804F743D8CD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{741697C4-DC6D-47B5-BB81-7EC8E3CC5BC8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
23-12-2015 22:22:50 Windows Update
24-12-2015 14:57:05 Windows Update
24-12-2015 23:17:47 Windows Update
25-12-2015 23:21:03 Windows Update
26-12-2015 11:25:53 Windows Update
26-12-2015 23:48:20 Windows Update
27-12-2015 22:53:27 Windows Update
28-12-2015 11:40:36 Windows Update
28-12-2015 15:59:38 Windows Update
28-12-2015 23:17:05 Windows Update
29-12-2015 22:18:50 Windows Update
30-12-2015 11:36:30 Windows Update
30-12-2015 22:05:26 Windows Update
31-12-2015 14:41:56 Windows Update
31-12-2015 23:14:22 Windows Update
01-01-2016 16:30:02 Windows Update
01-01-2016 23:09:21 Windows Update
02-01-2016 10:33:55 Windows Update
02-01-2016 22:50:33 Windows Update
09-01-2016 14:22:13 AVG PC TuneUp 2015 wird entfernt
09-01-2016 14:24:31 AVG PC TuneUp 2015 wird entfernt
09-01-2016 14:25:17 AVG PC TuneUp 2015 (de-DE) wird entfernt
09-01-2016 14:27:26 Removed Java 7 Update 13
09-01-2016 17:47:42 Windows Update
10-01-2016 12:46:00 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/09/2016 02:45:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17631, Zeitstempel: 0x54b31a70
Name des fehlerhaften Moduls: MSHTML.dll, Version: 11.0.9600.17631, Zeitstempel: 0x54b33039
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00775bda
ID des fehlerhaften Prozesses: 0x720
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (01/09/2016 02:44:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17631, Zeitstempel: 0x54b31a70
Name des fehlerhaften Moduls: MSHTML.dll, Version: 11.0.9600.17631, Zeitstempel: 0x54b33039
Ausnahmecode: 0xc0000005
Fehleroffset: 0x007755e6
ID des fehlerhaften Prozesses: 0x1270
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (01/02/2016 06:31:52 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [0]
Error: (01/01/2016 11:09:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [0]
Error: (01/01/2016 02:40:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 43.0.3.5835, Zeitstempel: 0x567b4c13
Name des fehlerhaften Moduls: mozglue.dll, Version: 43.0.3.5835, Zeitstempel: 0x567b3f6a
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed56
ID des fehlerhaften Prozesses: 0x4390
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (01/01/2016 02:40:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 43.0.3.5835 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1790
Startzeit: 01d1447b5ff686d2
Endzeit: 681
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: 2d5fae84-b08d-11e5-872d-001999690e38
Error: (12/31/2015 11:14:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [0]
Error: (12/31/2015 02:41:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [0]
Error: (12/30/2015 12:11:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (12/30/2015 12:11:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Systemfehler:
=============
Error: (01/10/2016 12:42:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
PxHelp20
Error: (01/10/2016 12:39:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/10/2016 12:39:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/09/2016 03:31:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
PxHelp20
Error: (01/09/2016 03:29:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/09/2016 03:29:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/09/2016 03:28:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (01/09/2016 03:28:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (01/09/2016 03:27:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WSWNA3100" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/09/2016 03:27:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2015-12-20 11:17:11.694
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-20 11:17:11.610
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-20 11:17:11.568
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-16 17:50:32.783
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-12-16 17:50:32.675
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 09:20:33.324
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 09:20:33.311
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-21 09:20:33.286
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-15 20:47:34.043
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-11-15 20:47:34.029
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 3070.42 MB
Verfügbarer physikalischer RAM: 1676.72 MB
Summe virtueller Speicher: 6139.14 MB
Verfügbarer virtueller Speicher: 4299.9 MB
==================== Laufwerke ================================
Drive c: (Windows 7) (Fixed) (Total:74.43 GB) (Free:19.85 GB) NTFS
Drive d: (Daten) (Fixed) (Total:465.76 GB) (Free:414.83 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D444D444)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: CE6D92B5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
ESET Code:
ATTFilter C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\AdvancedSystemProtector.exe.vir Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\AspManager.exe.vir Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\ASPUninstall.exe.vir Variante von Win32/Systweak.K evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\Communication.dll.vir Win32/Systweak.F evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\filetypehelper.exe.vir Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\scandll.dll.vir Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\SSDPTstub.exe.vir Win32/Systweak.G evtl. unerwünschte Anwendung gelöscht
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\Troubleshooter\asp-fixer.com.vir MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\Troubleshooter\asp-fixer.exe.vir MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\Troubleshooter\asp-fixer.pif.vir MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\Troubleshooter\asp-fixer.scr.vir MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\Troubleshooter\firefox.com.vir MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\Troubleshooter\iexplore.exe.vir MSIL/AdvancedSystemProtector.G evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\MyPC Backup\MPCBClient.dll.vir Variante von Win32/MyPCBackup.D evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\MyPC Backup\MyPC Backup.exe.vir Variante von MSIL/MyPCBackup.A evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\RegClean Pro\CleanSchedule.exe.vir Win32/Systweak.O evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\RegClean Pro\RCPUninstall.exe.vir Variante von Win32/Systweak.K evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\RegClean Pro\RegCleanPro.exe.vir Variante von Win32/Systweak evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Program Files\RegClean Pro\systweakasp.exe.vir MSIL/AdvancedSystemProtector.C evtl. unerwünschte Anwendung gelöscht
C:\AdwCleaner\Quarantine\C\Program Files\SupTab\DpInterface32.dll.vir Win32/Thinknice.B evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir Variante von Win32/Adware.Yontoo.B Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Users\XXXXX\AppData\Roaming\1H1Q\Open Office Packages\uninstaller.exe.vir Variante von Win32/InstallCore.AEO.gen evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Users\XXXXX\AppData\Roaming\OpenCandy\AC63CC4B443D43D4B6D9F4BC836FC1B5\sp-downloader.exe.vir Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Users\XXXXX\AppData\Roaming\sweet-page\UninstallManager.exe.vir Variante von Win32/ELEX.CP evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Users\XXXXX\AppData\Roaming\VOPackage\Uninstall.exe.vir Win32/Adware.ConvertAd.AQ Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Users\JURYMO~1\AppData\Local\Temp\OCS\ocs_v71b.exe.vir Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot.exe.vir Variante von Win32/Systweak.A evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Downloads\Windows Media Player - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Downloads\Software\download-audiograbber-mp3plugin.exe Variante von Win32/DownloadGuide.K evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Downloads\Software\download-audiograbber.exe Variante von Win32/DownloadGuide.K evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Users\XXXXX\AppData\Local\temp\DMR\dmr_72.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung Gesäubert durch Löschen
|
|
10.01.2016, 13:08
| #6 |
| /// Malwareteam | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, mach mal bitte das hier: Zustand der Festplatte herausfinden - so gehts - Anleitungen Das TDSS-Killer Log kannst du auch auf mehrere Posts aufteilen
__________________ --> Rechner total infiziert, zerschossen, hinüber, keine Ahnung. |
|
10.01.2016, 13:14
| #7 | |
| | Rechner total infiziert, zerschossen, hinüber, keine Ahnung.Zitat:
Festplatte Code:
ATTFilter ----------------------------------------------------------------------------
CrystalDiskInfo 6.6.1 (C) 2008-2015 hiyohiyo
Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Professional SP1 [6.1 Build 7601] (x86)
Date : 2016/01/10 13:11:32
-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- ST380817AS ATA Device
+ ATA Channel 1 (1) [ATA]
- HL-DT-ST DVD-ROM DH10N ATA Device
- WDC WD5000AAKS-07V0A0 ATA Device
+ Intel(R) 82801GB/GR/GH (ICH7 Familie) Serieller ATA-Speichercontroller - 27C0 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKS-07V0A0 : 500,1 GB [0/1/1, pd1] - wd
(2) ST380817AS : 80,0 GB [1/0/1, pd1] - st
----------------------------------------------------------------------------
(1) WDC WD5000AAKS-07V0A0
----------------------------------------------------------------------------
Model : WDC WD5000AAKS-07V0A0
Firmware : 05.01D05
Serial Number : WD-WMAWF1246153
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Unbekannt
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 13864 Std.
Power On Count : 3077 mal
Temperature : 31 C (87 F)
Health Status : Gut
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 8080h [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Lesefehlerrate
03 142 141 _21 000000000F12 Mittlere Anlaufzeit
04 _97 _97 __0 000000000DF5 Start/Stopp-Zyklen der Spindel
05 200 200 140 000000000000 Wiederzugewiesene Sektoren
07 200 200 __0 000000000000 Suchfehler
09 _82 _82 __0 000000003628 Betriebsstunden
0A 100 100 __0 000000000000 Misslungene Spindelanläufe
0B 100 100 __0 000000000000 Nnotwendige Rekalibrierungen
0C _97 _97 __0 000000000C05 Geräte-Einschaltvorgänge
C0 200 200 __0 000000000087 Ausschaltungsabbrüche
C1 199 199 __0 000000000D6D Laden/Entladen-Zyklen
C2 112 _97 __0 00000000001F Temperatur
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse
C5 200 200 __0 000000000000 Aktuell ausstehende Sektoren
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 193 __0 000000000020 UltraDMA-CRC-Fehler
C8 200 200 __0 000000000000 Schreibfehlerrate
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 4157 4631 3234 3631 3533
020: 0000 8000 0032 3035 2E30 3144 3035 5744 4320 5744
030: 3530 3030 4141 4B53 2D30 3756 3041 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 7469 BE41 4123 407F 0028
090: 0028 0000 FFFE 0000 8080 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE0
110: 571C 869B 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16EC 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 99A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 8E 8D 12 0F 00 00 00 00 00 04 32 00 61 61 F5
020: 0D 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 52 52 28 36 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 61 61 05 0C 00 00 00 00 00 C0 32
070: 00 C8 C8 87 00 00 00 00 00 00 C1 32 00 C7 C7 6D
080: 0D 00 00 00 00 00 C2 22 00 70 61 1F 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C1 20 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 2C 1F 01 7B
170: 03 00 01 00 02 5F 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 C9
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D
----------------------------------------------------------------------------
(2) ST380817AS
----------------------------------------------------------------------------
Model : ST380817AS
Firmware : 3.42
Serial Number : 4MR03XSB
Disk Size : 80,0 GB (8,4/80,0/80,0/80,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 156301488
Rotation Rate : Unbekannt
Interface : Serial ATA
Major Version : ATA/ATAPI-6
Minor Version : ATA/ATAPI-6 T13 1410D version 2
Transfer Mode : ---- | SATA/150
Power On Hours : 15683 Std.
Power On Count : 6465 mal
Temperature : 31 C (87 F)
Health Status : Gut
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _62 _49 __6 0000033C9953 Lesefehlerrate
03 _98 _98 __0 000000000000 Mittlere Anlaufzeit
04 _96 _96 _20 0000000013E1 Start/Stopp-Zyklen der Spindel
05 100 100 _36 000000000000 Wiederzugewiesene Sektoren
07 _75 _60 _30 000001DFDA78 Suchfehler
09 _83 _83 __0 000000003D43 Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C _94 _94 _20 000000001941 Geräte-Einschaltvorgänge
C2 _31 _45 __0 00090000001F Temperatur
C3 _62 _49 __0 0000033C9953 Hardware-ECC wiederhergestellt
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 199 __0 000000000001 UltraDMA-CRC-Fehler
C8 100 253 __0 000000000000 Schreibfehlerrate
CA 100 253 __0 000000000000 Datenadressierungsfehler
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 344D 5230 3358 5342
020: 0000 4000 0004 332E 3432 2020 2020 5354 3338 3038
030: 3137 4153 2020 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: F8B0 0950 0000 0007 0003 0078 0078 00F0 0078 0000
070: 0000 0000 0000 0000 0000 001F 0102 0000 0000 0000
080: 007E 001B 346B 7D01 4003 3469 3C01 4003 407F 0000
090: 0000 FEFE FFFE 0000 FE00 0000 0000 0000 0000 0000
100: F8B0 0950 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 F8B0
130: 0950 F8B0 0950 2020 0002 42B6 0000 008A 3C06 3C0A
140: 0000 07C6 0100 0800 0F78 1000 0002 0080 0000 0000
150: 0000 0002 0000 FE03 0050 0000 0000 0000 00A9 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 B7A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 3E 31 53 99 3C 03 00 00 00 03 03
010: 00 62 62 00 00 00 00 00 00 00 04 32 00 60 60 E1
020: 13 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 4B 3C 78 DA DF 01 00 00 00 09 32
040: 00 53 53 43 3D 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 5E 5E 41 19 00 00 00
060: 00 00 C2 22 00 1F 2D 1F 00 00 00 09 00 00 C3 1A
070: 00 3E 31 53 99 3C 03 00 00 00 C5 12 00 64 64 00
080: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
090: 00 00 C7 3E 00 C8 C7 01 00 00 00 00 00 00 C8 00
0A0: 00 64 FD 00 00 00 00 00 00 00 CA 32 00 64 FD 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 AE 01 00 5B
170: 03 00 01 00 01 2F 00 00 00 00 00 00 00 00 00 00
180: 00 00 D2 4F 02 00 00 02 02 02 02 02 02 02 02 00
190: 00 00 00 00 00 00 00 01 C8 F9 1B 03 00 00 00 00
1A0: 00 00 FC D6 A6 7B 8D 02 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 C8 F9 1B 03 00 00 00 00 00 00 00 00
1C0: 02 00 01 00 00 00 01 00 00 00 08 59 B0 87 03 00
1D0: 00 00 21 7A 88 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 12
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
070: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
080: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
090: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0A0: 00 00 00 00 00 00 00 00 00 00 CA 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89
[CODE] Code:
ATTFilter 13:02:12.0363 0x0d30 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:02:15.0331 0x0d30 ============================================================
13:02:15.0331 0x0d30 Current date / time: 2016/01/10 13:02:15.0331
13:02:15.0331 0x0d30 SystemInfo:
13:02:15.0331 0x0d30
13:02:15.0331 0x0d30 OS Version: 6.1.7601 ServicePack: 1.0
13:02:15.0331 0x0d30 Product type: Workstation
13:02:15.0331 0x0d30 ComputerName: KESSEL-PC
13:02:15.0331 0x0d30 UserName: Jury Moritz
13:02:15.0331 0x0d30 Windows directory: C:\Windows
13:02:15.0331 0x0d30 System windows directory: C:\Windows
13:02:15.0331 0x0d30 Processor architecture: Intel x86
13:02:15.0331 0x0d30 Number of processors: 2
13:02:15.0331 0x0d30 Page size: 0x1000
13:02:15.0331 0x0d30 Boot type: Normal boot
13:02:15.0331 0x0d30 ============================================================
13:02:17.0128 0x0d30 KLMD registered as C:\Windows\system32\drivers\74219898.sys
13:02:18.0060 0x0d30 System UUID: {1B801F01-7F91-53B0-38FC-443A0507975A}
13:02:18.0711 0x0d30 Drive \Device\Harddisk1\DR1 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:02:18.0711 0x0d30 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:02:18.0860 0x0d30 ============================================================
13:02:18.0860 0x0d30 \Device\Harddisk1\DR1:
13:02:18.0894 0x0d30 MBR partitions:
13:02:18.0894 0x0d30 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:02:18.0894 0x0d30 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DC800
13:02:18.0894 0x0d30 \Device\Harddisk0\DR0:
13:02:18.0894 0x0d30 MBR partitions:
13:02:18.0894 0x0d30 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
13:02:18.0894 0x0d30 ============================================================
13:02:19.0068 0x0d30 C: <-> \Device\Harddisk1\DR1\Partition2
13:02:19.0072 0x0d30 D: <-> \Device\Harddisk0\DR0\Partition1
13:02:19.0073 0x0d30 ============================================================
13:02:19.0073 0x0d30 Initialize success
13:02:19.0073 0x0d30 ============================================================
13:02:22.0721 0x065c ============================================================
13:02:22.0721 0x065c Scan started
13:02:22.0721 0x065c Mode: Manual; SigCheck; TDLFS;
13:02:22.0721 0x065c ============================================================
13:02:22.0721 0x065c KSN ping started
13:02:36.0355 0x065c KSN ping finished: true
13:02:38.0142 0x065c ================ Scan system memory ========================
13:02:38.0142 0x065c System memory - ok
13:02:38.0146 0x065c ================ Scan services =============================
13:02:38.0611 0x065c [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:02:38.0713 0x065c 1394ohci - ok
13:02:38.0859 0x065c [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:02:38.0898 0x065c ACPI - ok
13:02:38.0964 0x065c [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:02:39.0024 0x065c AcpiPmi - ok
13:02:39.0120 0x065c [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:02:39.0140 0x065c AdobeFlashPlayerUpdateSvc - ok
13:02:39.0223 0x065c [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:02:39.0264 0x065c adp94xx - ok
13:02:39.0303 0x065c [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:02:39.0336 0x065c adpahci - ok
13:02:39.0360 0x065c [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:02:39.0387 0x065c adpu320 - ok
13:02:39.0426 0x065c [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:02:39.0443 0x065c AeLookupSvc - ok
13:02:39.0487 0x065c [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD C:\Windows\system32\drivers\afd.sys
13:02:39.0539 0x065c AFD - ok
13:02:39.0560 0x065c [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
13:02:39.0583 0x065c agp440 - ok
13:02:39.0617 0x065c [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
13:02:39.0641 0x065c aic78xx - ok
13:02:39.0718 0x065c [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
13:02:39.0734 0x065c ALG - ok
13:02:39.0757 0x065c [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
13:02:39.0779 0x065c aliide - ok
13:02:39.0796 0x065c [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:02:39.0823 0x065c amdagp - ok
13:02:39.0851 0x065c [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
13:02:39.0875 0x065c amdide - ok
13:02:39.0903 0x065c [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:02:39.0931 0x065c AmdK8 - ok
13:02:39.0953 0x065c [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:02:39.0982 0x065c AmdPPM - ok
13:02:40.0049 0x065c [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:02:40.0078 0x065c amdsata - ok
13:02:40.0145 0x065c [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:02:40.0182 0x065c amdsbs - ok
13:02:40.0243 0x065c [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:02:40.0266 0x065c amdxata - ok
13:02:40.0330 0x065c AntiVirSchedulerService - ok
13:02:40.0376 0x065c AntiVirService - ok
13:02:40.0403 0x065c AntiVirWebService - ok
13:02:40.0439 0x065c [ E499E422412EF37576092A52648DB2B4, 95E9C11258CAF37060242BA4E1170CEDECF3376CF0A9A1E61D46706D7C7F36F8 ] AppID C:\Windows\system32\drivers\appid.sys
13:02:40.0490 0x065c AppID - ok
13:02:40.0560 0x065c [ 89B6FA43B68A373B304DFB8F6776B255, 36ABD9AB89CBC7991DE9B04051B26014982953697862BC46EF8AE4ACC2404128 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:02:40.0575 0x065c AppIDSvc - ok
13:02:40.0626 0x065c [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo C:\Windows\System32\appinfo.dll
13:02:40.0642 0x065c Appinfo - ok
13:02:40.0711 0x065c [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
13:02:40.0730 0x065c AppMgmt - ok
13:02:40.0766 0x065c [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:02:40.0793 0x065c arc - ok
13:02:40.0826 0x065c [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:02:40.0853 0x065c arcsas - ok
13:02:41.0373 0x065c [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:02:41.0391 0x065c aspnet_state - ok
13:02:41.0459 0x065c [ 7E31ED7D09D591DDD04B3C1BDE31A631, 49253C254F552BF390480705DFF607534C15793FE9747F008970321F4C3A290F ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
13:02:41.0477 0x065c aswHwid - ok
13:02:41.0514 0x065c [ D522080F0AD8AEB0D51CEABE4AE71AFB, AA8D2BD9D34C933BDD3E18E3194BF36D49FD1E0EF6F246FBBD11767BC8B27056 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
13:02:41.0538 0x065c aswMonFlt - ok
13:02:41.0570 0x065c [ 1E481F7BDA311259C180EA99B5BD8585, 663733A454E8AD782EDF768C50B0C07BF31E93919FC6E145D320E2CB136C33DA ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
13:02:41.0595 0x065c aswRdr - ok
13:02:41.0645 0x065c [ F47C251FAFCB1785849A3C54A8EDA56B, 6A8577244C5D134154120A6EE4B313301A384B578EE7FE11713CF29003A3669B ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
13:02:41.0663 0x065c aswRvrt - ok
13:02:41.0720 0x065c [ B9A9BE793A4BFA49120C321A6B0045D9, 4CBB768FE2F604C1ADD4883B299ECB6ECCCD5980C4116554316D389C0261D20E ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
13:02:41.0778 0x065c aswSnx - ok
13:02:41.0882 0x065c [ 67527C8C4041FAFBF4DC51A6DD88B479, BEAB64D76E136EB722F8CA4673E446BAE499D7B9EA24393E9672CFEBD956789A ] aswSP C:\Windows\system32\drivers\aswSP.sys
13:02:41.0905 0x065c aswSP - ok
13:02:41.0940 0x065c [ B9A86D39229010342E434FFAF836AC6C, FAB505E50F744294A40A1F11FCCEAF96299D3858E4E2FA68A03277C6246EC4A9 ] aswStm C:\Windows\system32\drivers\aswStm.sys
13:02:41.0955 0x065c aswStm - ok
13:02:42.0009 0x065c [ 7358232E267C175061775FF258558D67, 65E1DBC05643B4298A6F45F5F0C58EE65303BF61B8A84E85E4F69EA2C1744D4C ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
13:02:42.0029 0x065c aswVmm - ok
13:02:42.0055 0x065c [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:02:42.0093 0x065c AsyncMac - ok
13:02:42.0165 0x065c [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
13:02:42.0189 0x065c atapi - ok
13:02:42.0232 0x065c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:02:42.0261 0x065c AudioEndpointBuilder - ok
13:02:42.0290 0x065c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:02:42.0319 0x065c Audiosrv - ok
13:02:42.0471 0x065c [ 11120878E5276B367E1A10FF8C9B595B, 7C02EEF3733307C31BAC4DA9975EC017AC40D0893D88228C30FFAA536DAA73FB ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:02:42.0487 0x065c avast! Antivirus - ok
13:02:43.0025 0x065c [ 5240A6EF7387964F2DA24A60FAAA5FB0, D4FF51880A46EE3034A2C5519A9A504694480503A35491B7CF4227FD9D5575B6 ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
13:02:43.0126 0x065c AvastVBoxSvc - ok
13:02:43.0223 0x065c [ B8C10FF9369394EB84993F331810CF29, 84D674EF4FB73FD9D1539DFCC52361C2FBAFD5A2DEF1FFF4F1F416721AA80F85 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:02:43.0248 0x065c avgntflt - ok
13:02:43.0291 0x065c [ 4189E5AB2CAD6F395D87DAAE73EB090F, 8A98667451F0A9E81204BC9DD34B7BDA147FB867F0969361ED6F9C0CD422E49C ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:02:43.0318 0x065c avipbb - ok
13:02:43.0360 0x065c [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:02:43.0384 0x065c avkmgr - ok
13:02:43.0412 0x065c [ 444E1CF85DD54019DC6CBB73C0875728, DC0BC6EDE0E81E7F062C173F6D6B22B207504CF5274F88ABEB3FA521E4A51E01 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
13:02:43.0435 0x065c avnetflt - ok
13:02:43.0462 0x065c [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:02:43.0481 0x065c AxInstSV - ok
13:02:43.0519 0x065c [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
13:02:43.0567 0x065c b06bdrv - ok
13:02:43.0586 0x065c [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
13:02:43.0618 0x065c b57nd60x - ok
13:02:43.0696 0x065c [ B172E759651C4FBD77C009F8E1571EB3, BB10525DB83947B32D7543728F4059BFB26C745953D32BBD49F51474D880A472 ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh6.sys
13:02:43.0766 0x065c BCMH43XX - ok
13:02:43.0791 0x065c [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
13:02:43.0807 0x065c BDESVC - ok
13:02:43.0820 0x065c [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
13:02:43.0856 0x065c Beep - ok
13:02:43.0894 0x065c [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
13:02:43.0921 0x065c BFE - ok
13:02:43.0967 0x065c [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\system32\qmgr.dll
13:02:44.0022 0x065c BITS - ok
13:02:44.0043 0x065c [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:02:44.0070 0x065c blbdrive - ok
13:02:44.0093 0x065c [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:02:44.0119 0x065c bowser - ok
13:02:44.0146 0x065c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:02:44.0170 0x065c BrFiltLo - ok
13:02:44.0186 0x065c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:02:44.0202 0x065c BrFiltUp - ok
13:02:44.0249 0x065c [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
13:02:44.0277 0x1794 Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
13:02:44.0294 0x065c BridgeMP - ok
13:02:44.0325 0x065c [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
13:02:44.0355 0x065c Browser - ok
13:02:44.0376 0x065c [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:02:44.0397 0x065c Brserid - ok
13:02:44.0404 0x065c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:02:44.0422 0x065c BrSerWdm - ok
13:02:44.0438 0x065c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:02:44.0454 0x065c BrUsbMdm - ok
13:02:44.0470 0x065c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:02:44.0488 0x065c BrUsbSer - ok
13:02:44.0496 0x065c [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:02:44.0523 0x065c BTHMODEM - ok
13:02:44.0556 0x065c [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
13:02:44.0590 0x065c bthserv - ok
13:02:44.0635 0x065c catchme - ok
13:02:44.0651 0x065c [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:02:44.0689 0x065c cdfs - ok
13:02:44.0723 0x065c [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:02:44.0753 0x065c cdrom - ok
13:02:44.0793 0x065c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
13:02:44.0820 0x065c CertPropSvc - ok
13:02:44.0846 0x065c [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:02:44.0873 0x065c circlass - ok
13:02:44.0908 0x065c [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys
13:02:44.0940 0x065c CLFS - ok
13:02:44.0991 0x065c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:02:45.0006 0x065c clr_optimization_v2.0.50727_32 - ok
13:02:45.0033 0x065c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:02:45.0053 0x065c clr_optimization_v4.0.30319_32 - ok
13:02:45.0098 0x065c [ 0187042EA17404BD54E903CB3A8B0C10, 8E62E5E282E7F4FB288D6D0787317FF15D08922596D0256F019462D52843EBE8 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
13:02:45.0110 0x065c clwvd - ok
13:02:45.0136 0x065c [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:02:45.0151 0x065c CmBatt - ok
13:02:45.0173 0x065c [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:02:45.0195 0x065c cmdide - ok
13:02:45.0284 0x065c [ 48CA0EF55ECA320EF7862B75B91662FE, 5A3B6EAEC2AA8BF5758FBCFE7D0BA839216215E714966B401C4DE121CE7C738F ] cmuda3 C:\Windows\system32\drivers\cmudax3.sys
13:02:45.0380 0x065c cmuda3 - detected UnsignedFile.Multi.Generic ( 1 )
13:02:46.0836 0x1798 Object required for P2P: [ 11120878E5276B367E1A10FF8C9B595B ] avast! Antivirus
13:02:47.0028 0x1794 Object send P2P result: true
13:02:48.0032 0x065c Detect skipped due to KSN trusted
13:02:48.0032 0x065c cmuda3 - ok
13:02:48.0067 0x065c [ F516F1167EFBBC5ABC90687C94497869, AD650D56241533439419EA00236ABE14AB6E50B768620211D1A44047A9FA14EC ] CNG C:\Windows\system32\Drivers\cng.sys
13:02:48.0106 0x065c CNG - ok
13:02:48.0122 0x065c [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:02:48.0146 0x065c Compbatt - ok
13:02:48.0174 0x065c [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:02:48.0200 0x065c CompositeBus - ok
13:02:48.0205 0x065c COMSysApp - ok
13:02:48.0223 0x065c [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:02:48.0246 0x065c crcdisk - ok
13:02:48.0264 0x065c [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:02:48.0289 0x065c CryptSvc - ok
13:02:48.0322 0x065c [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
13:02:48.0377 0x065c CSC - ok
13:02:48.0410 0x065c [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
13:02:48.0437 0x065c CscService - ok
13:02:48.0464 0x065c [ 5E0C1B51629DF668376DEBB70363ED4E, A4F8CC25D57594F69854660A14714364E7975F662F83F001979B481F34402438 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
13:02:48.0478 0x065c dc3d - ok
13:02:48.0532 0x065c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
13:02:48.0570 0x065c DcomLaunch - ok
13:02:48.0602 0x065c [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
13:02:48.0635 0x065c defragsvc - ok
13:02:48.0656 0x065c [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:02:48.0693 0x065c DfsC - ok
13:02:48.0728 0x065c dgderdrv - ok
13:02:48.0764 0x065c [ 7A5FB3E4E0D77740D56E516EE6B2DC2B, 5B4636EC04903D2E512AC8FB98A484F7CEBE4EE0A081CF897CD13E8491C0D8CC ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
13:02:48.0778 0x065c dg_ssudbus - ok
13:02:48.0811 0x065c [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:02:48.0838 0x065c Dhcp - ok
13:02:48.0863 0x065c [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
13:02:48.0900 0x065c discache - ok
13:02:48.0919 0x065c [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:02:48.0943 0x065c Disk - ok
13:02:48.0974 0x065c [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:02:48.0993 0x065c Dnscache - ok
13:02:49.0021 0x065c [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
13:02:49.0053 0x065c dot3svc - ok
13:02:49.0076 0x065c [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
13:02:49.0106 0x065c DPS - ok
13:02:49.0129 0x065c [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:02:49.0160 0x065c drmkaud - ok
13:02:49.0201 0x065c [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:02:49.0251 0x065c DXGKrnl - ok
13:02:49.0286 0x065c [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
13:02:49.0319 0x065c EapHost - ok
13:02:49.0451 0x065c [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
13:02:49.0598 0x065c ebdrv - ok
13:02:49.0632 0x065c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] EFS C:\Windows\System32\lsass.exe
13:02:49.0649 0x065c EFS - ok
13:02:49.0714 0x065c [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:02:49.0742 0x065c ehRecvr - ok
13:02:49.0792 0x1798 Object send P2P result: true
13:02:49.0812 0x065c [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
13:02:49.0829 0x065c ehSched - ok
13:02:49.0846 0x065c [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:02:49.0884 0x065c elxstor - ok
13:02:49.0912 0x065c [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:02:49.0937 0x065c ErrDev - ok
13:02:49.0989 0x065c [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
13:02:50.0028 0x065c EventSystem - ok
13:02:50.0037 0x065c [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
13:02:50.0081 0x065c exfat - ok
13:02:50.0096 0x065c [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:02:50.0140 0x065c fastfat - ok
13:02:50.0180 0x065c [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
13:02:50.0221 0x065c Fax - ok
13:02:50.0260 0x065c [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:02:50.0285 0x065c fdc - ok
13:02:50.0301 0x065c [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
13:02:50.0330 0x065c fdPHost - ok
13:02:50.0346 0x065c [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
13:02:50.0374 0x065c FDResPub - ok
13:02:50.0388 0x065c [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:02:50.0412 0x065c FileInfo - ok
13:02:50.0418 0x065c [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:02:50.0456 0x065c Filetrace - ok
13:02:50.0468 0x065c [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:02:50.0492 0x065c flpydisk - ok
13:02:50.0518 0x065c [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:02:50.0553 0x065c FltMgr - ok
13:02:50.0611 0x065c [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
13:02:50.0677 0x065c FontCache - ok
13:02:50.0729 0x065c [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:02:50.0742 0x065c FontCache3.0.0.0 - ok
13:02:50.0757 0x065c [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:02:50.0781 0x065c FsDepends - ok
13:02:50.0801 0x065c [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:02:50.0825 0x065c Fs_Rec - ok
13:02:50.0860 0x065c [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:02:50.0894 0x065c fvevol - ok
13:02:50.0913 0x065c [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:02:50.0936 0x065c gagp30kx - ok
13:02:50.0973 0x065c [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
13:02:51.0018 0x065c gpsvc - ok
13:02:51.0093 0x065c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:02:51.0107 0x065c gupdate - ok
13:02:51.0114 0x065c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:02:51.0125 0x065c gupdatem - ok
13:02:51.0132 0x065c [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:02:51.0166 0x065c hcw85cir - ok
13:02:51.0190 0x065c [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:02:51.0229 0x065c HdAudAddService - ok
13:02:51.0248 0x065c [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:02:51.0278 0x065c HDAudBus - ok
13:02:51.0285 0x065c [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:02:51.0309 0x065c HidBatt - ok
13:02:51.0326 0x065c [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:02:51.0355 0x065c HidBth - ok
13:02:51.0361 0x065c [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:02:51.0392 0x065c HidIr - ok
13:02:51.0413 0x065c [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
13:02:51.0448 0x065c hidserv - ok
13:02:51.0470 0x065c [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:02:51.0494 0x065c HidUsb - ok
13:02:51.0514 0x065c [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
13:02:51.0546 0x065c hkmsvc - ok
13:02:51.0583 0x065c [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:02:51.0620 0x065c HomeGroupListener - ok
13:02:51.0650 0x065c [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:02:51.0674 0x065c HomeGroupProvider - ok
13:02:51.0695 0x065c [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:02:51.0719 0x065c HpSAMD - ok
13:02:51.0756 0x065c [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:02:51.0814 0x065c HTTP - ok
13:02:51.0834 0x065c [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:02:51.0858 0x065c hwpolicy - ok
13:02:51.0878 0x065c [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:02:51.0911 0x065c i8042prt - ok
13:02:51.0936 0x065c [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:02:51.0973 0x065c iaStorV - ok
13:02:52.0074 0x065c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:02:52.0081 0x065c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
13:02:54.0724 0x065c Detect skipped due to KSN trusted
13:02:54.0724 0x065c IDriverT - ok
13:02:54.0804 0x065c [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:02:54.0859 0x065c idsvc - ok
13:02:54.0895 0x065c IEEtwCollectorService - ok
13:02:54.0931 0x065c [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:02:54.0954 0x065c iirsp - ok
13:02:55.0001 0x065c [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
13:02:55.0043 0x065c IKEEXT - ok
13:02:55.0073 0x065c [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
13:02:55.0095 0x065c intelide - ok
13:02:55.0111 0x065c [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:02:55.0138 0x065c intelppm - ok
13:02:55.0166 0x065c [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:02:55.0199 0x065c IPBusEnum - ok
13:02:55.0207 0x065c [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:02:55.0248 0x065c IpFilterDriver - ok
13:02:55.0288 0x065c [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:02:55.0320 0x065c iphlpsvc - ok
13:02:55.0338 0x065c [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:02:55.0365 0x065c IPMIDRV - ok
13:02:55.0373 0x065c [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:02:55.0414 0x065c IPNAT - ok
13:02:55.0430 0x065c [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:02:55.0457 0x065c IRENUM - ok
13:02:55.0464 0x065c [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:02:55.0488 0x065c isapnp - ok
13:02:55.0524 0x065c [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:02:55.0559 0x065c iScsiPrt - ok
13:02:55.0588 0x065c [ C4C95805B85BCE1EB9D20F4A02FC5F9B, 0ED6A3004B0C5020223C2E1F70B7590C6772D5B272A0033679BC610E21EAE670 ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys
13:02:55.0622 0x065c k57nd60x - ok
13:02:55.0643 0x065c [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:02:55.0667 0x065c kbdclass - ok
13:02:55.0686 0x065c [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:02:55.0710 0x065c kbdhid - ok
13:02:55.0726 0x065c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] KeyIso C:\Windows\system32\lsass.exe
13:02:55.0745 0x065c KeyIso - ok
13:02:55.0762 0x065c [ EF88BAC2B489D9C46F4E41ACF0219CD0, BF0FAF51BB6D0E588E53E483EF48D8D96B33544113892CC723CDEFAE7E5FB97A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:02:55.0788 0x065c KSecDD - ok
13:02:55.0806 0x065c [ 49D70660EE8266988C1F99A0297A1430, D17B7A3118DB42358DEA80D8A21C5F1B0CC33BF74F6570676D4708B36BB91FD4 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:02:55.0834 0x065c KSecPkg - ok
13:02:55.0873 0x065c [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:02:55.0917 0x065c KtmRm - ok
13:02:55.0939 0x065c [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
13:02:55.0975 0x065c LanmanServer - ok
13:02:56.0000 0x065c [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:02:56.0033 0x065c LanmanWorkstation - ok
13:02:56.0056 0x065c [ E2F1DCF4A68CC6CF694FBFBA1842F4CD, E0BB3DBBBDDC7613003389FDD94F295F5D7BE10F9B1F3E62CA59A764E26E6C3B ] libusb0 C:\Windows\system32\drivers\libusb0.sys
13:02:56.0063 0x065c libusb0 - detected UnsignedFile.Multi.Generic ( 1 )
13:02:58.0700 0x065c Detect skipped due to KSN trusted
13:02:58.0700 0x065c libusb0 - ok
13:02:58.0722 0x065c [ 8B4B572753419FE601220526205F9455, F83D5E790017D1E7E9F48C0EDC04F051AE96C043C23A51A5F7ECDE8318598065 ] libusbd C:\Windows\system32\libusbd-nt.exe
13:02:58.0729 0x065c libusbd - detected UnsignedFile.Multi.Generic ( 1 )
13:03:01.0382 0x065c Detect skipped due to KSN trusted
13:03:01.0382 0x065c libusbd - ok
13:03:01.0397 0x065c [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:03:01.0451 0x065c lltdio - ok
13:03:01.0482 0x065c [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:03:01.0523 0x065c lltdsvc - ok
13:03:01.0530 0x065c [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:03:01.0559 0x065c lmhosts - ok
13:03:01.0580 0x065c [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:03:01.0604 0x065c LSI_FC - ok
13:03:01.0617 0x065c [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:03:01.0642 0x065c LSI_SAS - ok
13:03:01.0649 0x065c [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:03:01.0673 0x065c LSI_SAS2 - ok
13:03:01.0681 0x065c [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:03:01.0706 0x065c LSI_SCSI - ok
13:03:01.0726 0x065c [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
13:03:01.0768 0x065c luafv - ok
13:03:01.0827 0x065c [ 40C7F4B63337414F967AC53E0520B06B, 1E42F17F17B8BF748EFB15112EDA2DBD76761A011673B654020084AEC02089F1 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:03:01.0852 0x065c MBAMProtector - ok
13:03:01.0993 0x065c [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
13:03:02.0073 0x065c MBAMService - ok
13:03:02.0135 0x065c [ 63254775FE0F974F5316B4EC3F163038, 05C83C2A8C29075C25E506AA4554906096320DF5517EE550724A1DE35A7A5206 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:03:02.0169 0x065c MBAMWebAccessControl - ok
13:03:02.0200 0x065c [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:03:02.0225 0x065c Mcx2Svc - ok
13:03:02.0251 0x065c [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:03:02.0276 0x065c megasas - ok
13:03:02.0291 0x065c [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:03:02.0336 0x065c MegaSR - ok
13:03:02.0360 0x065c MEMSWEEP2 - ok
13:03:02.0394 0x065c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
13:03:02.0429 0x065c MMCSS - ok
13:03:02.0435 0x065c [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
13:03:02.0486 0x065c Modem - ok
13:03:02.0505 0x065c [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:03:02.0546 0x065c monitor - ok
13:03:02.0565 0x065c [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:03:02.0604 0x065c mouclass - ok
13:03:02.0630 0x065c [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:03:02.0658 0x065c mouhid - ok
13:03:02.0698 0x065c [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:03:02.0724 0x065c mountmgr - ok
13:03:02.0775 0x065c [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
13:03:02.0808 0x065c mpio - ok
13:03:02.0828 0x065c [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:03:02.0873 0x065c mpsdrv - ok
13:03:02.0932 0x065c [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:03:03.0012 0x065c MpsSvc - ok
13:03:03.0034 0x065c [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:03:03.0088 0x065c MRxDAV - ok
13:03:03.0114 0x065c [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:03:03.0232 0x065c mrxsmb - ok
13:03:03.0262 0x065c [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:03:03.0302 0x065c mrxsmb10 - ok
13:03:03.0318 0x065c [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:03:03.0352 0x065c mrxsmb20 - ok
13:03:03.0379 0x065c [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
13:03:03.0407 0x065c msahci - ok
13:03:03.0426 0x065c [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:03:03.0457 0x065c msdsm - ok
13:03:03.0482 0x065c [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
13:03:03.0507 0x065c MSDTC - ok
13:03:03.0529 0x065c [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:03:03.0580 0x065c Msfs - ok
13:03:03.0606 0x065c [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:03:03.0637 0x065c mshidkmdf - ok
13:03:03.0691 0x065c [ 956741C67ABAA78B19AADC5474936842, 8D0B04E0E03CFF5A004500C8587BDD3C4E7FFACA552CC90C193CAE16F36A96E3 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
13:03:03.0727 0x065c MSHUSBVideo - ok
13:03:03.0760 0x065c [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:03:03.0783 0x065c msisadrv - ok
13:03:03.0811 0x065c [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:03:03.0842 0x065c MSiSCSI - ok
13:03:03.0848 0x065c msiserver - ok
13:03:03.0879 0x065c [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:03:03.0907 0x065c MSKSSRV - ok
13:03:03.0930 0x065c [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:03:03.0958 0x065c MSPCLOCK - ok
13:03:03.0973 0x065c [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:03:04.0002 0x065c MSPQM - ok
13:03:04.0022 0x065c [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:03:04.0054 0x065c MsRPC - ok
13:03:04.0083 0x065c [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:03:04.0106 0x065c mssmbios - ok
13:03:04.0119 0x065c [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:03:04.0149 0x065c MSTEE - ok
13:03:04.0165 0x065c [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:03:04.0191 0x065c MTConfig - ok
13:03:04.0210 0x065c [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
13:03:04.0233 0x065c Mup - ok
13:03:04.0266 0x065c [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
13:03:04.0303 0x065c napagent - ok
13:03:04.0350 0x065c [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:03:04.0399 0x065c NativeWifiP - ok
13:03:04.0456 0x065c [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:03:04.0542 0x065c NDIS - ok
13:03:04.0560 0x065c [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:03:04.0601 0x065c NdisCap - ok
13:03:04.0613 0x065c [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:03:04.0658 0x065c NdisTapi - ok
13:03:04.0696 0x065c [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:03:04.0740 0x065c Ndisuio - ok
13:03:04.0764 0x065c [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:03:04.0810 0x065c NdisWan - ok
13:03:04.0839 0x065c [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:03:04.0880 0x065c NDProxy - ok
13:03:04.0909 0x065c [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:03:04.0952 0x065c NetBIOS - ok
13:03:04.0990 0x065c [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:03:05.0053 0x065c NetBT - ok
13:03:05.0069 0x065c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] Netlogon C:\Windows\system32\lsass.exe
13:03:05.0094 0x065c Netlogon - ok
13:03:05.0126 0x065c [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
13:03:05.0173 0x065c Netman - ok
13:03:05.0207 0x065c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:03:05.0228 0x065c NetMsmqActivator - ok
13:03:05.0243 0x065c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:03:05.0260 0x065c NetPipeActivator - ok
13:03:05.0291 0x065c [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
13:03:05.0334 0x065c netprofm - ok
13:03:05.0349 0x065c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:03:05.0373 0x065c NetTcpActivator - ok
13:03:05.0387 0x065c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:03:05.0407 0x065c NetTcpPortSharing - ok
13:03:05.0451 0x065c [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:03:05.0481 0x065c nfrd960 - ok
13:03:05.0574 0x065c [ B06110733A2CCD49A3A5AFB6624F299E, 264AE7743D80B337ABCA785A7A7C69ADC84F4D0D6A5F5441FBF79AC9687A01C1 ] ngvss C:\Windows\system32\drivers\ngvss.sys
13:03:05.0602 0x065c ngvss - ok
13:03:05.0640 0x065c [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:03:05.0671 0x065c NlaSvc - ok
13:03:05.0714 0x065c [ B9730495E0CF674680121E34BD95A73B, 1A3DD943B0EEA19A676175825CB135825ECF41404B59349AC9B1E6D137FA9B46 ] NPF C:\Windows\system32\DRIVERS\npf.sys
13:03:05.0740 0x065c NPF - ok
13:03:05.0798 0x065c [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:03:05.0838 0x065c Npfs - ok
13:03:05.0858 0x065c [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
13:03:05.0890 0x065c nsi - ok
13:03:05.0903 0x065c [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:03:05.0940 0x065c nsiproxy - ok
13:03:06.0035 0x065c [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:03:06.0136 0x065c Ntfs - ok
13:03:06.0151 0x065c [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
13:03:06.0188 0x065c Null - ok
13:03:06.0221 0x065c [ FBEC0FD36ED61EFEE1E3063281EAB984, AE4BC81897FDDE6EBEE7A9A3C9252A8E454B80831A853F9D1DCC0C2F8FA7DAAC ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
13:03:06.0248 0x065c NVHDA - ok
13:03:06.0693 0x065c [ 8E3BD4ED84EEF035B1AF3F90141D13D1, 764C700D9C08548225B1F0CD978265976B9CE65F20931970B69B2953CD00B611 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:03:06.0984 0x065c nvlddmkm - ok
13:03:07.0128 0x065c [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
13:03:07.0177 0x065c NvNetworkService - ok
13:03:07.0206 0x065c [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:03:07.0245 0x065c nvraid - ok
13:03:07.0262 0x065c [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:03:07.0293 0x065c nvstor - ok
13:03:08.0094 0x065c [ DA09A1DAEBD38226C0CB22BA8D967F63, 55654C3D4D96185E5754DE63C08D40FA6CB46FAECBAACA6CEAB0F48E643C392C ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
13:03:08.0784 0x065c NvStreamSvc - ok
13:03:08.0892 0x065c [ 7A50B5448C45C0BEBFCF0E6481ABD73F, 6890320DD8DC9A58F845D6C6E058858F4651067B62E25AEED9F94436F10A4EA1 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:03:08.0922 0x065c nvsvc - ok
13:03:08.0976 0x065c [ D230D757C084FB8D7BC4936E3D6334B8, 28F6416C2C8B174F388B42F7951E2D35B42EA5443DC9A89A016FCDE8A3D57F4A ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys
13:03:09.0002 0x065c nvvad_WaveExtensible - ok
13:03:09.0038 0x065c [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:03:09.0071 0x065c nv_agp - ok
13:03:09.0087 0x065c [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:03:09.0109 0x065c ohci1394 - ok
13:03:09.0144 0x065c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:03:09.0161 0x065c ose - ok
13:03:09.0200 0x065c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:03:09.0226 0x065c p2pimsvc - ok
13:03:09.0246 0x065c [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
13:03:09.0273 0x065c p2psvc - ok
13:03:09.0302 0x065c [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:03:09.0331 0x065c Parport - ok
13:03:09.0355 0x065c [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:03:09.0380 0x065c partmgr - ok
13:03:09.0400 0x065c [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
13:03:09.0424 0x065c Parvdm - ok
13:03:09.0455 0x065c [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll
13:03:09.0500 0x065c PcaSvc - ok
13:03:09.0543 0x065c [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
13:03:09.0577 0x065c pci - ok
13:03:09.0601 0x065c [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
13:03:09.0628 0x065c pciide - ok
13:03:09.0670 0x065c [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:03:09.0733 0x065c pcmcia - ok
13:03:09.0750 0x065c [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
13:03:09.0777 0x065c pcw - ok
13:03:09.0825 0x065c [ 344D1FA0438A967F1A2BAA42C86D6E19, E9CB31CBD9075B84BA771CF82A4C3AB5BF57ADEA3E76ABE8FE36FEACFD681D89 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:03:10.0071 0x065c PEAUTH - ok
13:03:10.0156 0x065c [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:03:10.0256 0x065c PeerDistSvc - ok
13:03:10.0353 0x065c [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
13:03:10.0456 0x065c pla - ok
13:03:10.0516 0x065c [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:03:10.0553 0x065c PlugPlay - ok
13:03:10.0578 0x065c [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:03:10.0598 0x065c PNRPAutoReg - ok
13:03:10.0628 0x065c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:03:10.0653 0x065c PNRPsvc - ok
13:03:10.0679 0x065c [ E1BDA4A545CB54889CC24DF72A024E75, D7A005CAE89485ED3FE805A84F6A578BFFE6483D30B9C8E1732C5F41832D48CA ] Point32 C:\Windows\system32\DRIVERS\point32.sys
13:03:10.0704 0x065c Point32 - ok
13:03:10.0735 0x065c [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:03:10.0774 0x065c PolicyAgent - ok
13:03:10.0811 0x065c [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
13:03:10.0865 0x065c Power - ok
13:03:10.0900 0x065c [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:03:10.0968 0x065c PptpMiniport - ok
13:03:10.0988 0x065c [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:03:11.0021 0x065c Processor - ok
13:03:11.0077 0x065c [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
13:03:11.0113 0x065c ProfSvc - ok
13:03:11.0129 0x065c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:03:11.0145 0x065c ProtectedStorage - ok
13:03:11.0166 0x065c [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:03:11.0208 0x065c Psched - ok
13:03:11.0214 0x065c PxHelp20 - ok
13:03:11.0288 0x065c [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:03:11.0372 0x065c ql2300 - ok
13:03:11.0386 0x065c [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:03:11.0419 0x065c ql40xx - ok
13:03:11.0443 0x065c [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
13:03:11.0475 0x065c QWAVE - ok
13:03:11.0489 0x065c [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:03:11.0518 0x065c QWAVEdrv - ok
13:03:11.0531 0x065c [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:03:11.0567 0x065c RasAcd - ok
13:03:11.0593 0x065c [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:03:11.0635 0x065c RasAgileVpn - ok
13:03:11.0657 0x065c [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
13:03:11.0693 0x065c RasAuto - ok
13:03:11.0719 0x065c [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:03:11.0762 0x065c Rasl2tp - ok
13:03:11.0801 0x065c [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
13:03:11.0854 0x065c RasMan - ok
13:03:11.0873 0x065c [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:03:11.0913 0x065c RasPppoe - ok
13:03:11.0929 0x065c [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:03:11.0974 0x065c RasSstp - ok
13:03:12.0012 0x065c [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:03:12.0073 0x065c rdbss - ok
13:03:12.0087 0x065c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:03:12.0116 0x065c rdpbus - ok
13:03:12.0149 0x065c [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:03:12.0189 0x065c RDPCDD - ok
13:03:12.0219 0x065c [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:03:12.0250 0x065c RDPDR - ok
13:03:12.0257 0x065c [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:03:12.0296 0x065c RDPENCDD - ok
13:03:12.0314 0x065c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:03:12.0352 0x065c RDPREFMP - ok
13:03:12.0450 0x065c [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:03:12.0488 0x065c RdpVideoMiniport - ok
13:03:12.0527 0x065c [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:03:12.0563 0x065c RDPWD - ok
13:03:12.0606 0x065c [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:03:12.0641 0x065c rdyboost - ok
13:03:12.0702 0x065c [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:03:12.0735 0x065c RemoteAccess - ok
13:03:12.0763 0x065c [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:03:12.0799 0x065c RemoteRegistry - ok
13:03:12.0823 0x065c [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:03:12.0857 0x065c RpcEptMapper - ok
13:03:12.0918 0x065c [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
13:03:12.0982 0x065c RpcLocator - ok
13:03:13.0051 0x065c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
13:03:13.0095 0x065c RpcSs - ok
13:03:13.0127 0x065c [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:03:13.0165 0x065c rspndr - ok
13:03:13.0195 0x065c [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:03:13.0232 0x065c s3cap - ok
13:03:13.0249 0x065c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] SamSs C:\Windows\system32\lsass.exe
13:03:13.0266 0x065c SamSs - ok
13:03:13.0284 0x065c [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:03:13.0309 0x065c sbp2port - ok
13:03:13.0345 0x065c [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:03:13.0379 0x065c SCardSvr - ok
13:03:13.0398 0x065c [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:03:13.0449 0x065c scfilter - ok
13:03:13.0500 0x065c [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll
13:03:13.0551 0x065c Schedule - ok
13:03:13.0609 0x065c [ 46FB343BA8538009D5A24B110E8C7724, E0336D0DD72EA7728917FD7C788BF49C9E8675544E87DF9CACC5B30D988404CA ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys
13:03:13.0629 0x065c SCMNdisP - ok
13:03:13.0644 0x065c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:03:13.0672 0x065c SCPolicySvc - ok
13:03:13.0698 0x065c [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:03:13.0721 0x065c SDRSVC - ok
13:03:13.0744 0x065c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:03:13.0782 0x065c secdrv - ok
13:03:13.0802 0x065c [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
13:03:13.0834 0x065c seclogon - ok
13:03:13.0853 0x065c [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
13:03:13.0885 0x065c SENS - ok
13:03:13.0914 0x065c [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:03:13.0940 0x065c SensrSvc - ok
13:03:13.0955 0x065c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:03:13.0982 0x065c Serenum - ok
13:03:13.0998 0x065c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:03:14.0025 0x065c Serial - ok
13:03:14.0054 0x065c [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:03:14.0079 0x065c sermouse - ok
13:03:14.0122 0x065c [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
13:03:14.0155 0x065c SessionEnv - ok
13:03:14.0186 0x065c [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:03:14.0212 0x065c sffdisk - ok
13:03:14.0238 0x065c [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:03:14.0264 0x065c sffp_mmc - ok
13:03:14.0288 0x065c [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:03:14.0313 0x065c sffp_sd - ok
13:03:14.0340 0x065c [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:03:14.0363 0x065c sfloppy - ok
13:03:14.0397 0x065c [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:03:14.0436 0x065c SharedAccess - ok
13:03:14.0497 0x065c [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:03:14.0539 0x065c ShellHWDetection - ok
13:03:14.0570 0x065c [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:03:14.0595 0x065c sisagp - ok
13:03:14.0603 0x065c [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:03:14.0627 0x065c SiSRaid2 - ok
13:03:14.0636 0x065c [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:03:14.0663 0x065c SiSRaid4 - ok
13:03:14.0672 0x065c [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:03:14.0711 0x065c Smb - ok
13:03:14.0753 0x065c [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:03:14.0772 0x065c SNMPTRAP - ok
13:03:14.0785 0x065c [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
13:03:14.0807 0x065c spldr - ok
13:03:14.0849 0x065c [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
13:03:14.0882 0x065c Spooler - ok
13:03:15.0023 0x065c [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
13:03:15.0172 0x065c sppsvc - ok
13:03:15.0207 0x065c [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:03:15.0238 0x065c sppuinotify - ok
13:03:15.0279 0x065c [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:03:15.0326 0x065c srv - ok
13:03:15.0351 0x065c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:03:15.0390 0x065c srv2 - ok
13:03:15.0418 0x065c [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:03:15.0446 0x065c srvnet - ok
13:03:15.0490 0x065c [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:03:15.0528 0x065c SSDPSRV - ok
13:03:15.0586 0x065c [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
13:03:15.0601 0x065c ssmdrv - ok
13:03:15.0623 0x065c [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:03:15.0657 0x065c SstpSvc - ok
13:03:15.0712 0x065c [ 5EE6503C932CB79B493E4B4D8E23D219, 51DC712611E21F5CF3ED2322A146E167769D082E826B82601471CF782090E8B5 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
13:03:15.0729 0x065c ssudmdm - ok
13:03:15.0849 0x065c [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
13:03:15.0878 0x065c ss_conn_service - ok
13:03:15.0936 0x065c [ CDA9313E34887A111B8309B55BCDCD82, AC070AA093B7013E4D1B29F4FAF9B469C3C261E4D3D1512B4F77CC609CBD1484 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:03:15.0957 0x065c Stereo Service - ok
13:03:15.0988 0x065c [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:03:16.0012 0x065c stexstor - ok
13:03:16.0070 0x065c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
13:03:16.0106 0x065c StiSvc - ok
13:03:16.0125 0x065c [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:03:16.0139 0x065c storflt - ok
13:03:16.0173 0x065c [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll
13:03:16.0203 0x065c StorSvc - ok
13:03:16.0227 0x065c [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:03:16.0253 0x065c storvsc - ok
13:03:16.0281 0x065c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
13:03:16.0295 0x065c swenum - ok
13:03:16.0334 0x065c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
13:03:16.0374 0x065c swprv - ok
13:03:16.0442 0x065c [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
13:03:16.0531 0x065c SysMain - ok
13:03:16.0566 0x065c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
13:03:16.0590 0x065c TabletInputService - ok
13:03:16.0641 0x065c [ 432D9D823C4C26B6070C41BAD4404CE4, 741B41F7467D312AF4CC733EA31F647FBCD06985CBB6A14117E8A87A6F7B06F5 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
13:03:16.0655 0x065c tap0901 - ok
13:03:16.0696 0x065c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
13:03:16.0733 0x065c TapiSrv - ok
13:03:16.0779 0x065c [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
13:03:16.0813 0x065c TBS - ok
13:03:16.0882 0x065c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:03:16.0960 0x065c Tcpip - ok
13:03:17.0023 0x065c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:03:17.0106 0x065c TCPIP6 - ok
13:03:17.0142 0x065c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:03:17.0166 0x065c tcpipreg - ok
13:03:17.0197 0x065c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:03:17.0226 0x065c TDPIPE - ok
13:03:17.0246 0x065c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:03:17.0270 0x065c TDTCP - ok
13:03:17.0291 0x065c [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:03:17.0317 0x065c tdx - ok
13:03:17.0348 0x065c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:03:17.0373 0x065c TermDD - ok
13:03:17.0417 0x065c [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
13:03:17.0457 0x065c TermService - ok
13:03:17.0486 0x065c [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
13:03:17.0508 0x065c Themes - ok
13:03:17.0522 0x065c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
13:03:17.0553 0x065c THREADORDER - ok
13:03:17.0577 0x065c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
13:03:17.0611 0x065c TrkWks - ok
13:03:17.0655 0x065c [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:03:17.0684 0x065c TrustedInstaller - ok
13:03:17.0713 0x065c [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:03:17.0738 0x065c tssecsrv - ok
13:03:17.0759 0x065c [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:03:17.0796 0x065c TsUsbFlt - ok
13:03:17.0819 0x065c [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:03:17.0859 0x065c tunnel - ok
13:03:17.0883 0x065c [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:03:17.0907 0x065c uagp35 - ok
13:03:17.0931 0x065c [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:03:17.0976 0x065c udfs - ok
13:03:18.0028 0x065c [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:03:18.0071 0x065c UI0Detect - ok
13:03:18.0100 0x065c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:03:18.0124 0x065c uliagpkx - ok
13:03:18.0151 0x065c [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:03:18.0178 0x065c umbus - ok
13:03:18.0191 0x065c [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:03:18.0215 0x065c UmPass - ok
13:03:18.0244 0x065c [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
13:03:18.0268 0x065c UmRdpService - ok
13:03:18.0302 0x065c [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
13:03:18.0342 0x065c upnphost - ok
13:03:18.0389 0x065c [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:03:18.0418 0x065c usbaudio - ok
13:03:18.0451 0x065c [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:03:18.0486 0x065c usbccgp - ok
13:03:18.0512 0x065c [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:03:18.0546 0x065c usbcir - ok
13:03:18.0574 0x065c [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:03:18.0607 0x065c usbehci - ok
13:03:18.0634 0x065c [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:03:18.0669 0x065c usbhub - ok
13:03:18.0687 0x065c [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:03:18.0710 0x065c usbohci - ok
13:03:18.0751 0x065c [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:03:18.0776 0x065c usbprint - ok
13:03:18.0801 0x065c [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:03:18.0832 0x065c usbscan - ok
13:03:18.0857 0x065c [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:03:18.0895 0x065c USBSTOR - ok
13:03:18.0910 0x065c [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:03:18.0935 0x065c usbuhci - ok
13:03:18.0961 0x065c [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:03:18.0978 0x065c usbvideo - ok
13:03:19.0003 0x065c [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
13:03:19.0035 0x065c UxSms - ok
13:03:19.0052 0x065c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] VaultSvc C:\Windows\system32\lsass.exe
13:03:19.0070 0x065c VaultSvc - ok
13:03:19.0159 0x065c [ FC27A8404D680F2E89F7E2EA68D097FB, 5D137C8BE0F45E7F23B2DD90AA95634CA351254AF9676D161E550656354194B4 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
13:03:19.0195 0x065c VBoxAswDrv - ok
13:03:19.0224 0x065c [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:03:19.0249 0x065c vdrvroot - ok
13:03:19.0286 0x065c [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
13:03:19.0330 0x065c vds - ok
13:03:19.0337 0x065c Scan was interrupted by user!
13:03:19.0338 0x065c Waiting for KSN requests completion. In queue: 216
13:03:20.0338 0x065c Waiting for KSN requests completion. In queue: 216
13:03:21.0338 0x065c Waiting for KSN requests completion. In queue: 216
13:03:22.0351 0x065c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.4.2233.1299 ), 0x41000 ( enabled : updated )
13:03:22.0353 0x065c FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.4.2233.1299 ), 0x40010 ( disabled )
13:03:22.0357 0x065c Win FW state via NFP2: enabled ( trusted )
13:03:25.0004 0x065c ============================================================
13:03:25.0004 0x065c Scan finished
13:03:25.0004 0x065c ============================================================
13:03:25.0013 0x0bbc Detected object count: 0
13:03:25.0013 0x0bbc Actual detected object count: 0
13:03:30.0189 0x165c ============================================================
13:03:30.0189 0x165c Scan started
13:03:30.0189 0x165c Mode: Manual; SigCheck; TDLFS;
13:03:30.0189 0x165c ============================================================
13:03:30.0189 0x165c KSN ping started
13:03:32.0805 0x165c KSN ping finished: true
13:03:33.0995 0x165c ================ Scan system memory ========================
13:03:33.0995 0x165c System memory - ok
13:03:33.0999 0x165c ================ Scan services =============================
13:03:34.0132 0x165c [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:03:34.0202 0x165c 1394ohci - ok
13:03:34.0245 0x165c [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:03:34.0286 0x165c ACPI - ok
13:03:34.0323 0x165c [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:03:34.0354 0x165c AcpiPmi - ok
13:03:34.0414 0x165c [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:03:34.0436 0x165c AdobeFlashPlayerUpdateSvc - ok
13:03:34.0436 0x165c Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
13:03:49.0183 0x165c Object send P2P result: true
13:03:49.0222 0x165c [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:03:49.0262 0x165c adp94xx - ok
13:03:49.0287 0x165c [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:03:49.0324 0x165c adpahci - ok
13:03:49.0352 0x165c [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:03:49.0380 0x165c adpu320 - ok
13:03:49.0410 0x165c [ 39AEAECE9F42407F176FE130D790BFBE, 19010DF87BDC1884268098CC04B4B15ECB710C94054A57157C0F9B7A795BDB28 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:03:49.0429 0x165c AeLookupSvc - ok
13:03:49.0455 0x165c [ 93B49FA857F7036A4EFF32371F6E7391, B9B2867D9A80E7F028E9D7C6ABCB9EC5198ACE28CEE101C5A846666B356B2843 ] AFD C:\Windows\system32\drivers\afd.sys
13:03:49.0496 0x165c AFD - ok
13:03:49.0519 0x165c [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
13:03:49.0544 0x165c agp440 - ok
13:03:49.0560 0x165c [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
13:03:49.0586 0x165c aic78xx - ok
13:03:49.0618 0x165c [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
13:03:49.0644 0x165c ALG - ok
13:03:49.0657 0x165c [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
13:03:49.0682 0x165c aliide - ok
13:03:49.0701 0x165c [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:03:49.0732 0x165c amdagp - ok
13:03:49.0760 0x165c [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
13:03:49.0782 0x165c amdide - ok
13:03:49.0794 0x165c [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:03:49.0830 0x165c AmdK8 - ok
13:03:49.0857 0x165c [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:03:49.0883 0x165c AmdPPM - ok
13:03:49.0916 0x165c [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:03:49.0942 0x165c amdsata - ok
13:03:49.0954 0x165c [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:03:49.0983 0x165c amdsbs - ok
13:03:50.0018 0x165c [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:03:50.0040 0x165c amdxata - ok
13:03:50.0074 0x165c AntiVirSchedulerService - ok
13:03:50.0086 0x165c AntiVirService - ok
13:03:50.0092 0x165c AntiVirWebService - ok
|
|
10.01.2016, 13:15
| #8 |
| | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. teil 2 Code:
ATTFilter 13:03:50.0122 0x165c [ E499E422412EF37576092A52648DB2B4, 95E9C11258CAF37060242BA4E1170CEDECF3376CF0A9A1E61D46706D7C7F36F8 ] AppID C:\Windows\system32\drivers\appid.sys 13:03:50.0150 0x165c AppID - ok 13:03:50.0175 0x165c [ 89B6FA43B68A373B304DFB8F6776B255, 36ABD9AB89CBC7991DE9B04051B26014982953697862BC46EF8AE4ACC2404128 ] AppIDSvc C:\Windows\System32\appidsvc.dll 13:03:50.0191 0x165c AppIDSvc - ok 13:03:50.0225 0x165c [ 133A7896E643D139443B47FDBFA327C7, 371FC602B531DF1EFDCEEC3A2F5497A0D0BE7F558B0583F572862C69A65BD454 ] Appinfo C:\Windows\System32\appinfo.dll 13:03:50.0244 0x165c Appinfo - ok 13:03:50.0285 0x165c [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll 13:03:50.0370 0x165c AppMgmt - ok 13:03:50.0399 0x165c [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys 13:03:50.0423 0x165c arc - ok 13:03:50.0434 0x165c [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 13:03:50.0488 0x165c arcsas - ok 13:03:50.0572 0x165c [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 13:03:50.0603 0x165c aspnet_state - ok 13:03:50.0625 0x165c [ 7E31ED7D09D591DDD04B3C1BDE31A631, 49253C254F552BF390480705DFF607534C15793FE9747F008970321F4C3A290F ] aswHwid C:\Windows\system32\drivers\aswHwid.sys 13:03:50.0639 0x165c aswHwid - ok 13:03:50.0671 0x165c [ D522080F0AD8AEB0D51CEABE4AE71AFB, AA8D2BD9D34C933BDD3E18E3194BF36D49FD1E0EF6F246FBBD11767BC8B27056 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 13:03:50.0695 0x165c aswMonFlt - ok 13:03:50.0727 0x165c [ 1E481F7BDA311259C180EA99B5BD8585, 663733A454E8AD782EDF768C50B0C07BF31E93919FC6E145D320E2CB136C33DA ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys 13:03:50.0766 0x165c aswRdr - ok 13:03:50.0792 0x165c [ F47C251FAFCB1785849A3C54A8EDA56B, 6A8577244C5D134154120A6EE4B313301A384B578EE7FE11713CF29003A3669B ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 13:03:50.0805 0x165c aswRvrt - ok 13:03:50.0860 0x165c [ B9A9BE793A4BFA49120C321A6B0045D9, 4CBB768FE2F604C1ADD4883B299ECB6ECCCD5980C4116554316D389C0261D20E ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 13:03:50.0931 0x165c aswSnx - ok 13:03:50.0964 0x165c [ 67527C8C4041FAFBF4DC51A6DD88B479, BEAB64D76E136EB722F8CA4673E446BAE499D7B9EA24393E9672CFEBD956789A ] aswSP C:\Windows\system32\drivers\aswSP.sys 13:03:50.0986 0x165c aswSP - ok 13:03:51.0014 0x165c [ B9A86D39229010342E434FFAF836AC6C, FAB505E50F744294A40A1F11FCCEAF96299D3858E4E2FA68A03277C6246EC4A9 ] aswStm C:\Windows\system32\drivers\aswStm.sys 13:03:51.0029 0x165c aswStm - ok 13:03:51.0058 0x165c [ 7358232E267C175061775FF258558D67, 65E1DBC05643B4298A6F45F5F0C58EE65303BF61B8A84E85E4F69EA2C1744D4C ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 13:03:51.0079 0x165c aswVmm - ok 13:03:51.0112 0x165c [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 13:03:51.0149 0x165c AsyncMac - ok 13:03:51.0187 0x165c [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys 13:03:51.0212 0x165c atapi - ok 13:03:51.0255 0x165c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 13:03:51.0282 0x165c AudioEndpointBuilder - ok 13:03:51.0302 0x165c [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll 13:03:51.0331 0x165c Audiosrv - ok 13:03:51.0387 0x165c [ 11120878E5276B367E1A10FF8C9B595B, 7C02EEF3733307C31BAC4DA9975EC017AC40D0893D88228C30FFAA536DAA73FB ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 13:03:51.0402 0x165c avast! Antivirus - ok 13:03:51.0402 0x165c Object required for P2P: [ 11120878E5276B367E1A10FF8C9B595B ] avast! Antivirus 13:03:54.0123 0x165c Object send P2P result: true 13:03:54.0324 0x165c [ 5240A6EF7387964F2DA24A60FAAA5FB0, D4FF51880A46EE3034A2C5519A9A504694480503A35491B7CF4227FD9D5575B6 ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe 13:03:54.0441 0x165c AvastVBoxSvc - ok 13:03:54.0501 0x165c [ B8C10FF9369394EB84993F331810CF29, 84D674EF4FB73FD9D1539DFCC52361C2FBAFD5A2DEF1FFF4F1F416721AA80F85 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 13:03:54.0527 0x165c avgntflt - ok 13:03:54.0552 0x165c [ 4189E5AB2CAD6F395D87DAAE73EB090F, 8A98667451F0A9E81204BC9DD34B7BDA147FB867F0969361ED6F9C0CD422E49C ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 13:03:54.0577 0x165c avipbb - ok 13:03:54.0604 0x165c [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 13:03:54.0632 0x165c avkmgr - ok 13:03:54.0673 0x165c [ 444E1CF85DD54019DC6CBB73C0875728, DC0BC6EDE0E81E7F062C173F6D6B22B207504CF5274F88ABEB3FA521E4A51E01 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 13:03:54.0695 0x165c avnetflt - ok 13:03:54.0722 0x165c [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll 13:03:54.0741 0x165c AxInstSV - ok 13:03:54.0780 0x165c [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 13:03:54.0835 0x165c b06bdrv - ok 13:03:54.0864 0x165c [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 13:03:54.0899 0x165c b57nd60x - ok 13:03:54.0982 0x165c [ B172E759651C4FBD77C009F8E1571EB3, BB10525DB83947B32D7543728F4059BFB26C745953D32BBD49F51474D880A472 ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh6.sys 13:03:55.0069 0x165c BCMH43XX - ok 13:03:55.0102 0x165c [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll 13:03:55.0118 0x165c BDESVC - ok 13:03:55.0140 0x165c [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys 13:03:55.0185 0x165c Beep - ok 13:03:55.0234 0x165c [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll 13:03:55.0269 0x165c BFE - ok 13:03:55.0322 0x165c [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\system32\qmgr.dll 13:03:55.0376 0x165c BITS - ok 13:03:55.0405 0x165c [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 13:03:55.0429 0x165c blbdrive - ok 13:03:55.0454 0x165c [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 13:03:55.0485 0x165c bowser - ok 13:03:55.0508 0x165c [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 13:03:55.0535 0x165c BrFiltLo - ok 13:03:55.0556 0x165c [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 13:03:55.0574 0x165c BrFiltUp - ok 13:03:55.0594 0x165c [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 13:03:55.0635 0x165c BridgeMP - ok 13:03:55.0669 0x165c [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll 13:03:55.0690 0x165c Browser - ok 13:03:55.0721 0x165c [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys 13:03:55.0752 0x165c Brserid - ok 13:03:55.0765 0x165c [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 13:03:55.0783 0x165c BrSerWdm - ok 13:03:55.0799 0x165c [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 13:03:55.0816 0x165c BrUsbMdm - ok 13:03:55.0831 0x165c [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 13:03:55.0846 0x165c BrUsbSer - ok 13:03:55.0856 0x165c [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 13:03:55.0887 0x165c BTHMODEM - ok 13:03:55.0927 0x165c [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll 13:03:55.0958 0x165c bthserv - ok 13:03:55.0988 0x165c catchme - ok 13:03:56.0013 0x165c [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 13:03:56.0064 0x165c cdfs - ok 13:03:56.0093 0x165c [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 13:03:56.0139 0x165c cdrom - ok 13:03:56.0171 0x165c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll 13:03:56.0197 0x165c CertPropSvc - ok 13:03:56.0223 0x165c [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 13:03:56.0251 0x165c circlass - ok 13:03:56.0307 0x165c [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\Windows\system32\CLFS.sys 13:03:56.0349 0x165c CLFS - ok 13:03:56.0411 0x165c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 13:03:56.0437 0x165c clr_optimization_v2.0.50727_32 - ok 13:03:56.0469 0x165c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 13:03:56.0487 0x165c clr_optimization_v4.0.30319_32 - ok 13:03:56.0518 0x165c [ 0187042EA17404BD54E903CB3A8B0C10, 8E62E5E282E7F4FB288D6D0787317FF15D08922596D0256F019462D52843EBE8 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 13:03:56.0529 0x165c clwvd - ok 13:03:56.0564 0x165c [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 13:03:56.0579 0x165c CmBatt - ok 13:03:56.0601 0x165c [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys 13:03:56.0628 0x165c cmdide - ok 13:03:56.0728 0x165c [ 48CA0EF55ECA320EF7862B75B91662FE, 5A3B6EAEC2AA8BF5758FBCFE7D0BA839216215E714966B401C4DE121CE7C738F ] cmuda3 C:\Windows\system32\drivers\cmudax3.sys 13:03:56.0837 0x165c cmuda3 - detected UnsignedFile.Multi.Generic ( 1 ) 13:03:56.0837 0x165c Detect skipped due to KSN trusted 13:03:56.0838 0x165c cmuda3 - ok 13:03:56.0940 0x165c [ F516F1167EFBBC5ABC90687C94497869, AD650D56241533439419EA00236ABE14AB6E50B768620211D1A44047A9FA14EC ] CNG C:\Windows\system32\Drivers\cng.sys 13:03:56.0982 0x165c CNG - ok 13:03:57.0004 0x165c [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 13:03:57.0030 0x165c Compbatt - ok 13:03:57.0064 0x165c [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 13:03:57.0091 0x165c CompositeBus - ok 13:03:57.0102 0x165c COMSysApp - ok 13:03:57.0121 0x165c [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 13:03:57.0159 0x165c crcdisk - ok 13:03:57.0187 0x165c [ 623E143F2DF17C0106A9988F5D7DC878, 9DA30262FF22FA9F1DB247CB3B4A2892D79730EF0ECC9589D399D24B4F58E565 ] CryptSvc C:\Windows\system32\cryptsvc.dll 13:03:57.0205 0x165c CryptSvc - ok 13:03:57.0254 0x165c [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys 13:03:57.0311 0x165c CSC - ok 13:03:57.0351 0x165c [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll 13:03:57.0393 0x165c CscService - ok 13:03:57.0421 0x165c [ 5E0C1B51629DF668376DEBB70363ED4E, A4F8CC25D57594F69854660A14714364E7975F662F83F001979B481F34402438 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 13:03:57.0440 0x165c dc3d - ok 13:03:57.0489 0x165c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll 13:03:57.0539 0x165c DcomLaunch - ok 13:03:57.0576 0x165c [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll 13:03:57.0613 0x165c defragsvc - ok 13:03:57.0656 0x165c [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 13:03:57.0693 0x165c DfsC - ok 13:03:57.0703 0x165c dgderdrv - ok 13:03:57.0738 0x165c [ 7A5FB3E4E0D77740D56E516EE6B2DC2B, 5B4636EC04903D2E512AC8FB98A484F7CEBE4EE0A081CF897CD13E8491C0D8CC ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 13:03:57.0751 0x165c dg_ssudbus - ok 13:03:57.0793 0x165c [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll 13:03:57.0828 0x165c Dhcp - ok 13:03:57.0854 0x165c [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys 13:03:57.0895 0x165c discache - ok 13:03:57.0918 0x165c [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys 13:03:57.0942 0x165c Disk - ok 13:03:57.0990 0x165c [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll 13:03:58.0009 0x165c Dnscache - ok 13:03:58.0045 0x165c [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll 13:03:58.0079 0x165c dot3svc - ok 13:03:58.0117 0x165c [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll 13:03:58.0150 0x165c DPS - ok 13:03:58.0178 0x165c [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 13:03:58.0202 0x165c drmkaud - ok 13:03:58.0257 0x165c [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 13:03:58.0317 0x165c DXGKrnl - ok 13:03:58.0360 0x165c [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll 13:03:58.0390 0x165c EapHost - ok 13:03:58.0544 0x165c [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 13:03:58.0703 0x165c ebdrv - ok 13:03:58.0740 0x165c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] EFS C:\Windows\System32\lsass.exe 13:03:58.0761 0x165c EFS - ok 13:03:58.0838 0x165c [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe 13:03:58.0866 0x165c ehRecvr - ok 13:03:58.0902 0x165c [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe 13:03:58.0918 0x165c ehSched - ok 13:03:58.0944 0x165c [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 13:03:58.0996 0x165c elxstor - ok 13:03:59.0028 0x165c [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys 13:03:59.0052 0x165c ErrDev - ok 13:03:59.0096 0x165c [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll 13:03:59.0140 0x165c EventSystem - ok 13:03:59.0164 0x165c [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys 13:03:59.0210 0x165c exfat - ok 13:03:59.0237 0x165c [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys 13:03:59.0284 0x165c fastfat - ok 13:03:59.0329 0x165c [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe 13:03:59.0356 0x165c Fax - ok 13:03:59.0381 0x165c [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 13:03:59.0416 0x165c fdc - ok 13:03:59.0433 0x165c [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll 13:03:59.0464 0x165c fdPHost - ok 13:03:59.0478 0x165c [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll 13:03:59.0508 0x165c FDResPub - ok 13:03:59.0529 0x165c [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 13:03:59.0553 0x165c FileInfo - ok 13:03:59.0566 0x165c [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 13:03:59.0604 0x165c Filetrace - ok 13:03:59.0625 0x165c [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 13:03:59.0649 0x165c flpydisk - ok 13:03:59.0676 0x165c [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 13:03:59.0707 0x165c FltMgr - ok 13:03:59.0767 0x165c [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll 13:03:59.0816 0x165c FontCache - ok 13:03:59.0869 0x165c [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 13:03:59.0882 0x165c FontCache3.0.0.0 - ok 13:03:59.0893 0x165c [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 13:03:59.0917 0x165c FsDepends - ok 13:03:59.0942 0x165c [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 13:03:59.0979 0x165c Fs_Rec - ok 13:04:00.0009 0x165c [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 13:04:00.0050 0x165c fvevol - ok 13:04:00.0071 0x165c [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 13:04:00.0095 0x165c gagp30kx - ok 13:04:00.0139 0x165c [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll 13:04:00.0182 0x165c gpsvc - ok 13:04:00.0259 0x165c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 13:04:00.0273 0x165c gupdate - ok 13:04:00.0284 0x165c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 13:04:00.0299 0x165c gupdatem - ok 13:04:00.0309 0x165c [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 13:04:00.0334 0x165c hcw85cir - ok 13:04:00.0376 0x165c [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 13:04:00.0413 0x165c HdAudAddService - ok 13:04:00.0447 0x165c [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 13:04:00.0481 0x165c HDAudBus - ok 13:04:00.0493 0x165c [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 13:04:00.0517 0x165c HidBatt - ok 13:04:00.0529 0x165c [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 13:04:00.0566 0x165c HidBth - ok 13:04:00.0577 0x165c [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 13:04:00.0607 0x165c HidIr - ok 13:04:00.0638 0x165c [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll 13:04:00.0668 0x165c hidserv - ok 13:04:00.0694 0x165c [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 13:04:00.0721 0x165c HidUsb - ok 13:04:00.0755 0x165c [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll 13:04:00.0783 0x165c hkmsvc - ok 13:04:00.0823 0x165c [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:04:00.0846 0x165c HomeGroupListener - ok 13:04:00.0883 0x165c [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:04:00.0904 0x165c HomeGroupProvider - ok 13:04:00.0928 0x165c [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:04:00.0952 0x165c HpSAMD - ok 13:04:01.0014 0x165c [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:04:01.0062 0x165c HTTP - ok 13:04:01.0091 0x165c [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:04:01.0113 0x165c hwpolicy - ok 13:04:01.0144 0x165c [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 13:04:01.0170 0x165c i8042prt - ok 13:04:01.0202 0x165c [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:04:01.0239 0x165c iaStorV - ok 13:04:01.0307 0x165c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 13:04:01.0312 0x165c IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 13:04:01.0312 0x165c Detect skipped due to KSN trusted 13:04:01.0312 0x165c IDriverT - ok 13:04:01.0391 0x165c [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 13:04:01.0424 0x165c idsvc - ok 13:04:01.0436 0x165c IEEtwCollectorService - ok 13:04:01.0468 0x165c [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 13:04:01.0497 0x165c iirsp - ok 13:04:01.0554 0x165c [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll 13:04:01.0587 0x165c IKEEXT - ok 13:04:01.0626 0x165c [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys 13:04:01.0648 0x165c intelide - ok 13:04:01.0664 0x165c [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:04:01.0701 0x165c intelppm - ok 13:04:01.0736 0x165c [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:04:01.0779 0x165c IPBusEnum - ok 13:04:01.0790 0x165c [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:04:01.0832 0x165c IpFilterDriver - ok 13:04:01.0883 0x165c [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:04:01.0912 0x165c iphlpsvc - ok 13:04:01.0932 0x165c [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:04:01.0959 0x165c IPMIDRV - ok 13:04:01.0983 0x165c [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:04:02.0024 0x165c IPNAT - ok 13:04:02.0050 0x165c [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:04:02.0078 0x165c IRENUM - ok 13:04:02.0089 0x165c [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:04:02.0114 0x165c isapnp - ok 13:04:02.0152 0x165c [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:04:02.0195 0x165c iScsiPrt - ok 13:04:02.0236 0x165c [ C4C95805B85BCE1EB9D20F4A02FC5F9B, 0ED6A3004B0C5020223C2E1F70B7590C6772D5B272A0033679BC610E21EAE670 ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys 13:04:02.0268 0x165c k57nd60x - ok 13:04:02.0298 0x165c [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 13:04:02.0330 0x165c kbdclass - ok 13:04:02.0347 0x165c [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 13:04:02.0383 0x165c kbdhid - ok 13:04:02.0404 0x165c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] KeyIso C:\Windows\system32\lsass.exe 13:04:02.0421 0x165c KeyIso - ok 13:04:02.0442 0x165c [ EF88BAC2B489D9C46F4E41ACF0219CD0, BF0FAF51BB6D0E588E53E483EF48D8D96B33544113892CC723CDEFAE7E5FB97A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:04:02.0484 0x165c KSecDD - ok 13:04:02.0517 0x165c [ 49D70660EE8266988C1F99A0297A1430, D17B7A3118DB42358DEA80D8A21C5F1B0CC33BF74F6570676D4708B36BB91FD4 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:04:02.0545 0x165c KSecPkg - ok 13:04:02.0585 0x165c [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 13:04:02.0632 0x165c KtmRm - ok 13:04:02.0667 0x165c [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll 13:04:02.0703 0x165c LanmanServer - ok 13:04:02.0736 0x165c [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:04:02.0770 0x165c LanmanWorkstation - ok 13:04:02.0800 0x165c [ E2F1DCF4A68CC6CF694FBFBA1842F4CD, E0BB3DBBBDDC7613003389FDD94F295F5D7BE10F9B1F3E62CA59A764E26E6C3B ] libusb0 C:\Windows\system32\drivers\libusb0.sys 13:04:02.0805 0x165c libusb0 - detected UnsignedFile.Multi.Generic ( 1 ) 13:04:02.0805 0x165c Detect skipped due to KSN trusted 13:04:02.0805 0x165c libusb0 - ok 13:04:02.0836 0x165c [ 8B4B572753419FE601220526205F9455, F83D5E790017D1E7E9F48C0EDC04F051AE96C043C23A51A5F7ECDE8318598065 ] libusbd C:\Windows\system32\libusbd-nt.exe 13:04:02.0843 0x165c libusbd - detected UnsignedFile.Multi.Generic ( 1 ) 13:04:02.0843 0x165c Detect skipped due to KSN trusted 13:04:02.0843 0x165c libusbd - ok 13:04:02.0865 0x165c [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:04:02.0916 0x165c lltdio - ok 13:04:02.0957 0x165c [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:04:03.0006 0x165c lltdsvc - ok 13:04:03.0018 0x165c [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:04:03.0055 0x165c lmhosts - ok 13:04:03.0090 0x165c [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 13:04:03.0117 0x165c LSI_FC - ok 13:04:03.0130 0x165c [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 13:04:03.0156 0x165c LSI_SAS - ok 13:04:03.0176 0x165c [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:04:03.0200 0x165c LSI_SAS2 - ok 13:04:03.0213 0x165c [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:04:03.0244 0x165c LSI_SCSI - ok 13:04:03.0271 0x165c [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 13:04:03.0312 0x165c luafv - ok 13:04:03.0345 0x165c [ 40C7F4B63337414F967AC53E0520B06B, 1E42F17F17B8BF748EFB15112EDA2DBD76761A011673B654020084AEC02089F1 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 13:04:03.0366 0x165c MBAMProtector - ok 13:04:03.0486 0x165c [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe 13:04:03.0522 0x165c MBAMService - ok 13:04:03.0561 0x165c [ 63254775FE0F974F5316B4EC3F163038, 05C83C2A8C29075C25E506AA4554906096320DF5517EE550724A1DE35A7A5206 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 13:04:03.0583 0x165c MBAMWebAccessControl - ok 13:04:03.0618 0x165c [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:04:03.0638 0x165c Mcx2Svc - ok 13:04:03.0669 0x165c [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 13:04:03.0691 0x165c megasas - ok 13:04:03.0708 0x165c [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 13:04:03.0742 0x165c MegaSR - ok 13:04:03.0753 0x165c MEMSWEEP2 - ok 13:04:03.0779 0x165c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 13:04:03.0809 0x165c MMCSS - ok 13:04:03.0820 0x165c [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 13:04:03.0857 0x165c Modem - ok 13:04:03.0873 0x165c [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:04:03.0901 0x165c monitor - ok 13:04:03.0924 0x165c [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:04:03.0947 0x165c mouclass - ok 13:04:03.0964 0x165c [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:04:03.0998 0x165c mouhid - ok 13:04:04.0019 0x165c [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:04:04.0043 0x165c mountmgr - ok 13:04:04.0067 0x165c [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 13:04:04.0096 0x165c mpio - ok 13:04:04.0121 0x165c [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:04:04.0157 0x165c mpsdrv - ok 13:04:04.0205 0x165c [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:04:04.0249 0x165c MpsSvc - ok 13:04:04.0277 0x165c [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:04:04.0304 0x165c MRxDAV - ok 13:04:04.0332 0x165c [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:04:04.0365 0x165c mrxsmb - ok 13:04:04.0395 0x165c [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:04:04.0432 0x165c mrxsmb10 - ok 13:04:04.0447 0x165c [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:04:04.0486 0x165c mrxsmb20 - ok 13:04:04.0513 0x165c [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 13:04:04.0537 0x165c msahci - ok 13:04:04.0559 0x165c [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:04:04.0585 0x165c msdsm - ok 13:04:04.0608 0x165c [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 13:04:04.0628 0x165c MSDTC - ok 13:04:04.0663 0x165c [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:04:04.0717 0x165c Msfs - ok 13:04:04.0740 0x165c [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:04:04.0770 0x165c mshidkmdf - ok 13:04:04.0800 0x165c [ 956741C67ABAA78B19AADC5474936842, 8D0B04E0E03CFF5A004500C8587BDD3C4E7FFACA552CC90C193CAE16F36A96E3 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys 13:04:04.0823 0x165c MSHUSBVideo - ok 13:04:04.0844 0x165c [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:04:04.0877 0x165c msisadrv - ok 13:04:05.0013 0x165c [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:04:05.0049 0x165c MSiSCSI - ok 13:04:05.0059 0x165c msiserver - ok 13:04:05.0080 0x165c [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:04:05.0110 0x165c MSKSSRV - ok 13:04:05.0139 0x165c [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:04:05.0166 0x165c MSPCLOCK - ok 13:04:05.0182 0x165c [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:04:05.0210 0x165c MSPQM - ok 13:04:05.0249 0x165c [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:04:05.0278 0x165c MsRPC - ok 13:04:05.0317 0x165c [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 13:04:05.0340 0x165c mssmbios - ok 13:04:05.0371 0x165c [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:04:05.0400 0x165c MSTEE - ok 13:04:05.0425 0x165c [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 13:04:05.0461 0x165c MTConfig - ok 13:04:05.0494 0x165c [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 13:04:05.0518 0x165c Mup - ok 13:04:05.0559 0x165c [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll 13:04:05.0605 0x165c napagent - ok 13:04:05.0642 0x165c [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:04:05.0679 0x165c NativeWifiP - ok 13:04:05.0740 0x165c [ 9804FB2E46077F2977552347DFCA7E05, A34B703462C6998AB2B3EA6389F4B89616CDC257D44C400C92663E6FB4A8F196 ] NDIS C:\Windows\system32\drivers\ndis.sys 13:04:05.0795 0x165c NDIS - ok 13:04:05.0808 0x165c [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:04:05.0848 0x165c NdisCap - ok 13:04:05.0864 0x165c [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:04:05.0909 0x165c NdisTapi - ok 13:04:05.0930 0x165c [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:04:05.0977 0x165c Ndisuio - ok 13:04:06.0005 0x165c [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:04:06.0043 0x165c NdisWan - ok 13:04:06.0082 0x165c [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:04:06.0129 0x165c NDProxy - ok 13:04:06.0160 0x165c [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:04:06.0207 0x165c NetBIOS - ok 13:04:06.0247 0x165c [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:04:06.0289 0x165c NetBT - ok 13:04:06.0311 0x165c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] Netlogon C:\Windows\system32\lsass.exe 13:04:06.0328 0x165c Netlogon - ok 13:04:06.0360 0x165c [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 13:04:06.0397 0x165c Netman - ok 13:04:06.0427 0x165c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 13:04:06.0445 0x165c NetMsmqActivator - ok 13:04:06.0459 0x165c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 13:04:06.0477 0x165c NetPipeActivator - ok 13:04:06.0510 0x165c [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 13:04:06.0560 0x165c netprofm - ok 13:04:06.0575 0x165c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 13:04:06.0603 0x165c NetTcpActivator - ok 13:04:06.0617 0x165c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 13:04:06.0635 0x165c NetTcpPortSharing - ok 13:04:06.0667 0x165c [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 13:04:06.0690 0x165c nfrd960 - ok 13:04:06.0719 0x165c [ B06110733A2CCD49A3A5AFB6624F299E, 264AE7743D80B337ABCA785A7A7C69ADC84F4D0D6A5F5441FBF79AC9687A01C1 ] ngvss C:\Windows\system32\drivers\ngvss.sys 13:04:06.0748 0x165c ngvss - ok 13:04:06.0782 0x165c [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:04:06.0804 0x165c NlaSvc - ok 13:04:06.0840 0x165c [ B9730495E0CF674680121E34BD95A73B, 1A3DD943B0EEA19A676175825CB135825ECF41404B59349AC9B1E6D137FA9B46 ] NPF C:\Windows\system32\DRIVERS\npf.sys 13:04:06.0861 0x165c NPF - ok 13:04:06.0882 0x165c [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:04:06.0927 0x165c Npfs - ok 13:04:06.0959 0x165c [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 13:04:06.0992 0x165c nsi - ok 13:04:07.0012 0x165c [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:04:07.0060 0x165c nsiproxy - ok 13:04:07.0153 0x165c [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:04:07.0229 0x165c Ntfs - ok 13:04:07.0252 0x165c [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 13:04:07.0289 0x165c Null - ok 13:04:07.0327 0x165c [ FBEC0FD36ED61EFEE1E3063281EAB984, AE4BC81897FDDE6EBEE7A9A3C9252A8E454B80831A853F9D1DCC0C2F8FA7DAAC ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys 13:04:07.0356 0x165c NVHDA - ok 13:04:07.0789 0x165c [ 8E3BD4ED84EEF035B1AF3F90141D13D1, 764C700D9C08548225B1F0CD978265976B9CE65F20931970B69B2953CD00B611 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 13:04:08.0080 0x165c nvlddmkm - ok 13:04:08.0222 0x165c [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe 13:04:08.0284 0x165c NvNetworkService - ok 13:04:08.0315 0x165c [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:04:08.0342 0x165c nvraid - ok 13:04:08.0364 0x165c [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:04:08.0393 0x165c nvstor - ok 13:04:09.0154 0x165c [ DA09A1DAEBD38226C0CB22BA8D967F63, 55654C3D4D96185E5754DE63C08D40FA6CB46FAECBAACA6CEAB0F48E643C392C ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 13:04:09.0555 0x165c NvStreamSvc - ok 13:04:09.0650 0x165c [ 7A50B5448C45C0BEBFCF0E6481ABD73F, 6890320DD8DC9A58F845D6C6E058858F4651067B62E25AEED9F94436F10A4EA1 ] nvsvc C:\Windows\system32\nvvsvc.exe 13:04:09.0685 0x165c nvsvc - ok 13:04:09.0733 0x165c [ D230D757C084FB8D7BC4936E3D6334B8, 28F6416C2C8B174F388B42F7951E2D35B42EA5443DC9A89A016FCDE8A3D57F4A ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys 13:04:09.0767 0x165c nvvad_WaveExtensible - ok 13:04:09.0797 0x165c [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:04:09.0825 0x165c nv_agp - ok 13:04:09.0845 0x165c [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:04:09.0861 0x165c ohci1394 - ok 13:04:09.0920 0x165c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:04:09.0935 0x165c ose - ok 13:04:09.0985 0x165c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:04:10.0013 0x165c p2pimsvc - ok 13:04:10.0056 0x165c [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 13:04:10.0092 0x165c p2psvc - ok 13:04:10.0128 0x165c [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 13:04:10.0158 0x165c Parport - ok 13:04:10.0190 0x165c [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:04:10.0213 0x165c partmgr - ok 13:04:10.0234 0x165c [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 13:04:10.0261 0x165c Parvdm - ok 13:04:10.0306 0x165c [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll 13:04:10.0330 0x165c PcaSvc - ok 13:04:10.0354 0x165c [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys 13:04:10.0391 0x165c pci - ok 13:04:10.0419 0x165c [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys 13:04:10.0441 0x165c pciide - ok 13:04:10.0470 0x165c [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 13:04:10.0516 0x165c pcmcia - ok 13:04:10.0528 0x165c [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 13:04:10.0552 0x165c pcw - ok 13:04:10.0600 0x165c [ 344D1FA0438A967F1A2BAA42C86D6E19, E9CB31CBD9075B84BA771CF82A4C3AB5BF57ADEA3E76ABE8FE36FEACFD681D89 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:04:10.0659 0x165c PEAUTH - ok 13:04:10.0722 0x165c [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 13:04:10.0767 0x165c PeerDistSvc - ok 13:04:10.0907 0x165c [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll 13:04:10.0970 0x165c pla - ok 13:04:11.0034 0x165c [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:04:11.0059 0x165c PlugPlay - ok 13:04:11.0087 0x165c [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:04:11.0106 0x165c PNRPAutoReg - ok 13:04:11.0143 0x165c [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:04:11.0168 0x165c PNRPsvc - ok 13:04:11.0196 0x165c [ E1BDA4A545CB54889CC24DF72A024E75, D7A005CAE89485ED3FE805A84F6A578BFFE6483D30B9C8E1732C5F41832D48CA ] Point32 C:\Windows\system32\DRIVERS\point32.sys 13:04:11.0221 0x165c Point32 - ok 13:04:11.0252 0x165c [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:04:11.0300 0x165c PolicyAgent - ok 13:04:11.0345 0x165c [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll 13:04:11.0386 0x165c Power - ok 13:04:11.0433 0x165c [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 13:04:11.0484 0x165c PptpMiniport - ok 13:04:11.0514 0x165c [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys 13:04:11.0545 0x165c Processor - ok 13:04:11.0603 0x165c [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll 13:04:11.0624 0x165c ProfSvc - ok 13:04:11.0657 0x165c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] ProtectedStorage C:\Windows\system32\lsass.exe 13:04:11.0674 0x165c ProtectedStorage - ok 13:04:11.0692 0x165c [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 13:04:11.0732 0x165c Psched - ok 13:04:11.0743 0x165c PxHelp20 - ok 13:04:11.0829 0x165c [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 13:04:11.0905 0x165c ql2300 - ok 13:04:11.0923 0x165c [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 13:04:11.0956 0x165c ql40xx - ok 13:04:11.0994 0x165c [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 13:04:12.0022 0x165c QWAVE - ok 13:04:12.0040 0x165c [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 13:04:12.0085 0x165c QWAVEdrv - ok 13:04:12.0107 0x165c [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 13:04:12.0147 0x165c RasAcd - ok 13:04:12.0194 0x165c [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 13:04:12.0229 0x165c RasAgileVpn - ok 13:04:12.0251 0x165c [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 13:04:12.0283 0x165c RasAuto - ok 13:04:12.0301 0x165c [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 13:04:12.0339 0x165c Rasl2tp - ok 13:04:12.0385 0x165c [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll 13:04:12.0431 0x165c RasMan - ok 13:04:12.0458 0x165c [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 13:04:12.0504 0x165c RasPppoe - ok 13:04:12.0547 0x165c [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 13:04:12.0586 0x165c RasSstp - ok 13:04:12.0630 0x165c [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 13:04:12.0673 0x165c rdbss - ok 13:04:12.0697 0x165c [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 13:04:12.0722 0x165c rdpbus - ok 13:04:12.0758 0x165c [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 13:04:12.0791 0x165c RDPCDD - ok 13:04:12.0829 0x165c [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 13:04:12.0858 0x165c RDPDR - ok 13:04:12.0867 0x165c [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 13:04:12.0911 0x165c RDPENCDD - ok 13:04:12.0930 0x165c [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 13:04:12.0968 0x165c RDPREFMP - ok 13:04:13.0017 0x165c [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 13:04:13.0041 0x165c RdpVideoMiniport - ok 13:04:13.0077 0x165c [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 13:04:13.0109 0x165c RDPWD - ok 13:04:13.0143 0x165c [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 13:04:13.0174 0x165c rdyboost - ok 13:04:13.0211 0x165c [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 13:04:13.0240 0x165c RemoteAccess - ok 13:04:13.0280 0x165c [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 13:04:13.0314 0x165c RemoteRegistry - ok 13:04:13.0349 0x165c [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 13:04:13.0380 0x165c RpcEptMapper - ok 13:04:13.0410 0x165c [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 13:04:13.0427 0x165c RpcLocator - ok 13:04:13.0460 0x165c [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll 13:04:13.0499 0x165c RpcSs - ok 13:04:13.0536 0x165c [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 13:04:13.0574 0x165c rspndr - ok 13:04:13.0611 0x165c [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys 13:04:13.0635 0x165c s3cap - ok 13:04:13.0658 0x165c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] SamSs C:\Windows\system32\lsass.exe 13:04:13.0679 0x165c SamSs - ok 13:04:13.0718 0x165c [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 13:04:13.0744 0x165c sbp2port - ok 13:04:13.0787 0x165c [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 13:04:13.0831 0x165c SCardSvr - ok 13:04:13.0857 0x165c [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 13:04:13.0906 0x165c scfilter - ok 13:04:13.0976 0x165c [ 9060B8D5BCD5F2B019249F85E3D811F3, 7FB32AB7FE118462988321B9230074DAA960B587417EB463187539C3215445AE ] Schedule C:\Windows\system32\schedsvc.dll 13:04:14.0022 0x165c Schedule - ok 13:04:14.0051 0x165c [ 46FB343BA8538009D5A24B110E8C7724, E0336D0DD72EA7728917FD7C788BF49C9E8675544E87DF9CACC5B30D988404CA ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys 13:04:14.0075 0x165c SCMNdisP - ok 13:04:14.0103 0x165c [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll 13:04:14.0131 0x165c SCPolicySvc - ok 13:04:14.0166 0x165c [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll 13:04:14.0187 0x165c SDRSVC - ok 13:04:14.0220 0x165c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 13:04:14.0244 0x165c secdrv - ok 13:04:14.0286 0x165c [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 13:04:14.0318 0x165c seclogon - ok 13:04:14.0337 0x165c [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll 13:04:14.0368 0x165c SENS - ok 13:04:14.0412 0x165c [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 13:04:14.0434 0x165c SensrSvc - ok 13:04:14.0456 0x165c [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 13:04:14.0496 0x165c Serenum - ok 13:04:14.0524 0x165c [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 13:04:14.0550 0x165c Serial - ok 13:04:14.0580 0x165c [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 13:04:14.0605 0x165c sermouse - ok 13:04:14.0664 0x165c [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll 13:04:14.0700 0x165c SessionEnv - ok 13:04:14.0736 0x165c [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 13:04:14.0769 0x165c sffdisk - ok 13:04:14.0797 0x165c [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 13:04:14.0824 0x165c sffp_mmc - ok 13:04:14.0848 0x165c [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 13:04:14.0885 0x165c sffp_sd - ok 13:04:14.0916 0x165c [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 13:04:14.0944 0x165c sfloppy - ok 13:04:14.0982 0x165c [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 13:04:15.0033 0x165c SharedAccess - ok 13:04:15.0083 0x165c [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 13:04:15.0120 0x165c ShellHWDetection - ok 13:04:15.0154 0x165c [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys 13:04:15.0184 0x165c sisagp - ok 13:04:15.0199 0x165c [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 13:04:15.0223 0x165c SiSRaid2 - ok 13:04:15.0237 0x165c [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 13:04:15.0279 0x165c SiSRaid4 - ok 13:04:15.0295 0x165c [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 13:04:15.0334 0x165c Smb - ok 13:04:15.0379 0x165c [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 13:04:15.0397 0x165c SNMPTRAP - ok 13:04:15.0427 0x165c [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 13:04:15.0449 0x165c spldr - ok 13:04:15.0511 0x165c [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe 13:04:15.0536 0x165c Spooler - ok 13:04:15.0698 0x165c [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe 13:04:15.0815 0x165c sppsvc - ok 13:04:15.0849 0x165c [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll 13:04:15.0883 0x165c sppuinotify - ok 13:04:15.0930 0x165c [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys 13:04:15.0966 0x165c srv - ok 13:04:16.0003 0x165c [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 13:04:16.0046 0x165c srv2 - ok 13:04:16.0083 0x165c [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 13:04:16.0111 0x165c srvnet - ok 13:04:16.0149 0x165c [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 13:04:16.0182 0x165c SSDPSRV - ok 13:04:16.0219 0x165c [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 13:04:16.0230 0x165c ssmdrv - ok 13:04:16.0256 0x165c [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll 13:04:16.0292 0x165c SstpSvc - ok 13:04:16.0328 0x165c [ 5EE6503C932CB79B493E4B4D8E23D219, 51DC712611E21F5CF3ED2322A146E167769D082E826B82601471CF782090E8B5 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 13:04:16.0348 0x165c ssudmdm - ok 13:04:16.0450 0x165c [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe 13:04:16.0478 0x165c ss_conn_service - ok 13:04:16.0538 0x165c [ CDA9313E34887A111B8309B55BCDCD82, AC070AA093B7013E4D1B29F4FAF9B469C3C261E4D3D1512B4F77CC609CBD1484 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 13:04:16.0576 0x165c Stereo Service - ok 13:04:16.0604 0x165c [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 13:04:16.0627 0x165c stexstor - ok 13:04:16.0674 0x165c [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll 13:04:16.0714 0x165c StiSvc - ok 13:04:16.0733 0x165c [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys 13:04:16.0750 0x165c storflt - ok 13:04:16.0789 0x165c [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll 13:04:16.0808 0x165c StorSvc - ok 13:04:16.0835 0x165c [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys 13:04:16.0857 0x165c storvsc - ok 13:04:16.0889 0x165c [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys 13:04:16.0902 0x165c swenum - ok 13:04:16.0942 0x165c [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll 13:04:16.0980 0x165c swprv - ok 13:04:17.0050 0x165c [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll 13:04:17.0100 0x165c SysMain - ok 13:04:17.0124 0x165c [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll 13:04:17.0147 0x165c TabletInputService - ok 13:04:17.0174 0x165c [ 432D9D823C4C26B6070C41BAD4404CE4, 741B41F7467D312AF4CC733EA31F647FBCD06985CBB6A14117E8A87A6F7B06F5 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 13:04:17.0188 0x165c tap0901 - ok 13:04:17.0229 0x165c [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll 13:04:17.0266 0x165c TapiSrv - ok 13:04:17.0304 0x165c [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll 13:04:17.0338 0x165c TBS - ok 13:04:17.0433 0x165c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 13:04:17.0510 0x165c Tcpip - ok 13:04:17.0582 0x165c [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 13:04:17.0660 0x165c TCPIP6 - ok 13:04:17.0708 0x165c [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 13:04:17.0732 0x165c tcpipreg - ok 13:04:17.0772 0x165c [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 13:04:17.0796 0x165c TDPIPE - ok 13:04:17.0820 0x165c [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 13:04:17.0848 0x165c TDTCP - ok 13:04:17.0874 0x165c [ BB8817D0508DD5EA69C770C8DEF5AB67, C55671524EEF6E16BBCC92556E83FD1D6457E707EA9330FC1CDD28FB11D99B77 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 13:04:17.0899 0x165c tdx - ok 13:04:17.0931 0x165c [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys 13:04:17.0954 0x165c TermDD - ok 13:04:18.0000 0x165c [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll 13:04:18.0033 0x165c TermService - ok 13:04:18.0069 0x165c [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll 13:04:18.0093 0x165c Themes - ok 13:04:18.0113 0x165c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll 13:04:18.0143 0x165c THREADORDER - ok 13:04:18.0177 0x165c [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll 13:04:18.0212 0x165c TrkWks - ok 13:04:18.0263 0x165c [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 13:04:18.0293 0x165c TrustedInstaller - ok 13:04:18.0329 0x165c [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 13:04:18.0355 0x165c tssecsrv - ok 13:04:18.0383 0x165c [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 13:04:18.0412 0x165c TsUsbFlt - ok 13:04:18.0443 0x165c [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 13:04:18.0483 0x165c tunnel - ok 13:04:18.0516 0x165c [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 13:04:18.0541 0x165c uagp35 - ok 13:04:18.0573 0x165c [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 13:04:18.0619 0x165c udfs - ok 13:04:18.0669 0x165c [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe 13:04:18.0689 0x165c UI0Detect - ok 13:04:18.0708 0x165c [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 13:04:18.0736 0x165c uliagpkx - ok 13:04:18.0770 0x165c [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 13:04:18.0796 0x165c umbus - ok 13:04:18.0825 0x165c [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 13:04:18.0851 0x165c UmPass - ok 13:04:18.0894 0x165c [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll 13:04:18.0917 0x165c UmRdpService - ok 13:04:18.0969 0x165c [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll 13:04:19.0006 0x165c upnphost - ok 13:04:19.0047 0x165c [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 13:04:19.0064 0x165c usbaudio - ok 13:04:19.0107 0x165c [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 13:04:19.0143 0x165c usbccgp - ok 13:04:19.0171 0x165c [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys 13:04:19.0200 0x165c usbcir - ok 13:04:19.0224 0x165c [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 13:04:19.0248 0x165c usbehci - ok 13:04:19.0281 0x165c [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 13:04:19.0320 0x165c usbhub - ok 13:04:19.0345 0x165c [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys 13:04:19.0368 0x165c usbohci - ok 13:04:19.0393 0x165c [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 13:04:19.0422 0x165c usbprint - ok 13:04:19.0459 0x165c [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 13:04:19.0483 0x165c usbscan - ok 13:04:19.0526 0x165c [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 13:04:19.0552 0x165c USBSTOR - ok 13:04:19.0589 0x165c [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 13:04:19.0623 0x165c usbuhci - ok 13:04:19.0678 0x165c [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 13:04:19.0695 0x165c usbvideo - ok 13:04:19.0728 0x165c [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll 13:04:19.0759 0x165c UxSms - ok 13:04:19.0808 0x165c [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] VaultSvc C:\Windows\system32\lsass.exe 13:04:19.0846 0x165c VaultSvc - ok 13:04:19.0968 0x165c [ FC27A8404D680F2E89F7E2EA68D097FB, 5D137C8BE0F45E7F23B2DD90AA95634CA351254AF9676D161E550656354194B4 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys 13:04:19.0999 0x165c VBoxAswDrv - ok 13:04:20.0032 0x165c [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 13:04:20.0057 0x165c vdrvroot - ok 13:04:20.0103 0x165c [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe 13:04:20.0143 0x165c vds - ok 13:04:20.0180 0x165c [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 13:04:20.0206 0x165c vga - ok 13:04:20.0226 0x165c [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys 13:04:20.0264 0x165c VgaSave - ok 13:04:20.0293 0x165c [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 13:04:20.0322 0x165c vhdmp - ok 13:04:20.0344 0x165c [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys 13:04:20.0368 0x165c viaagp - ok 13:04:20.0396 0x165c [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 13:04:20.0424 0x165c ViaC7 - ok 13:04:20.0452 0x165c [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys 13:04:20.0475 0x165c viaide - ok 13:04:20.0506 0x165c [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys 13:04:20.0524 0x165c vmbus - ok 13:04:20.0558 0x165c [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 13:04:20.0572 0x165c VMBusHID - ok 13:04:20.0600 0x165c [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys 13:04:20.0624 0x165c volmgr - ok 13:04:20.0665 0x165c [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 13:04:20.0702 0x165c volmgrx - ok 13:04:20.0731 0x165c [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys 13:04:20.0764 0x165c volsnap - ok 13:04:20.0789 0x165c [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 13:04:20.0828 0x165c vsmraid - ok 13:04:20.0894 0x165c [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe 13:04:20.0956 0x165c VSS - ok 13:04:20.0983 0x165c [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 13:04:21.0010 0x165c vwifibus - ok 13:04:21.0058 0x165c [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 13:04:21.0088 0x165c vwififlt - ok 13:04:21.0130 0x165c [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll 13:04:21.0178 0x165c W32Time - ok 13:04:21.0219 0x165c [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 13:04:21.0244 0x165c WacomPen - ok 13:04:21.0273 0x165c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 13:04:21.0321 0x165c WANARP - ok 13:04:21.0335 0x165c [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 13:04:21.0376 0x165c Wanarpv6 - ok 13:04:21.0441 0x165c [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe 13:04:21.0514 0x165c wbengine - ok 13:04:21.0582 0x165c [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 13:04:21.0609 0x165c WbioSrvc - ok 13:04:21.0644 0x165c [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll 13:04:21.0674 0x165c wcncsvc - ok 13:04:21.0697 0x165c [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 13:04:21.0729 0x165c WcsPlugInService - ok 13:04:21.0764 0x165c [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys 13:04:21.0791 0x165c Wd - ok 13:04:21.0856 0x165c [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys 13:04:21.0889 0x165c WDC_SAM - ok 13:04:21.0935 0x165c [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 13:04:21.0978 0x165c Wdf01000 - ok 13:04:22.0014 0x165c [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll 13:04:22.0051 0x165c WdiServiceHost - ok 13:04:22.0062 0x165c [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll 13:04:22.0089 0x165c WdiSystemHost - ok 13:04:22.0139 0x165c [ 55C70654420DBF429604FD567E6F3CD3, 22191B049BCA76EF13AEDF8078E452E6B35E998A75AD63F14C542B541EA9F67D ] WebClient C:\Windows\System32\webclnt.dll 13:04:22.0176 0x165c WebClient - ok 13:04:22.0207 0x165c [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll 13:04:22.0244 0x165c Wecsvc - ok 13:04:22.0263 0x165c [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll 13:04:22.0298 0x165c wercplsupport - ok 13:04:22.0320 0x165c [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll 13:04:22.0354 0x165c WerSvc - ok 13:04:22.0382 0x165c [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 13:04:22.0417 0x165c WfpLwf - ok 13:04:22.0441 0x165c [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys 13:04:22.0467 0x165c WIMMount - ok 13:04:22.0540 0x165c [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 13:04:22.0575 0x165c WinDefend - ok 13:04:22.0616 0x165c WinHttpAutoProxySvc - ok 13:04:22.0682 0x165c [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 13:04:22.0715 0x165c Winmgmt - ok 13:04:22.0807 0x165c [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll 13:04:22.0900 0x165c WinRM - ok 13:04:22.0963 0x165c [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 13:04:22.0984 0x165c WinUsb - ok 13:04:23.0072 0x165c [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll 13:04:23.0132 0x165c Wlansvc - ok 13:04:23.0167 0x165c [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 13:04:23.0190 0x165c WmiAcpi - ok 13:04:23.0233 0x165c [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 13:04:23.0258 0x165c wmiApSrv - ok 13:04:23.0348 0x165c [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 13:04:23.0414 0x165c WMPNetworkSvc - ok 13:04:23.0445 0x165c [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll 13:04:23.0473 0x165c WPCSvc - ok 13:04:23.0503 0x165c [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 13:04:23.0542 0x165c WPDBusEnum - ok 13:04:23.0575 0x165c [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 13:04:23.0623 0x165c ws2ifsl - ok 13:04:23.0678 0x165c [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\system32\wscsvc.dll 13:04:23.0705 0x165c wscsvc - ok 13:04:23.0725 0x165c WSearch - ok 13:04:23.0805 0x165c [ E7C84A8A763C460FE182F4DCBC17B9DC, 5DDBBC88E34056ED8BD6E6C6B05B02593AB780C4FCC53D8A4AB919C226F23376 ] WSWNA3100 C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe 13:04:23.0823 0x165c WSWNA3100 - ok 13:04:23.0948 0x165c [ 8F145DC71B87BB4D6829FF6ECC9FB8CE, 7841671FAF9EEF326B6A5F2E63C65DB2F54D15357527EBAD2ADDA1BB1FE0479E ] wuauserv C:\Windows\system32\wuaueng.dll 13:04:24.0084 0x165c wuauserv - ok 13:04:24.0114 0x165c [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 13:04:24.0206 0x165c WudfPf - ok 13:04:24.0260 0x165c [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 13:04:24.0294 0x165c WUDFRd - ok 13:04:24.0318 0x165c [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll 13:04:24.0340 0x165c wudfsvc - ok 13:04:24.0374 0x165c [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll 13:04:24.0412 0x165c WwanSvc - ok 13:04:24.0459 0x165c XDva405 - ok 13:04:24.0496 0x165c ================ Scan global =============================== 13:04:24.0564 0x165c [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll 13:04:24.0592 0x165c [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 13:04:24.0609 0x165c [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll 13:04:24.0634 0x165c [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 13:04:24.0665 0x165c [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe 13:04:24.0675 0x165c [ Global ] - ok 13:04:24.0675 0x165c ================ Scan MBR ================================== 13:04:24.0687 0x165c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 13:04:24.0949 0x165c \Device\Harddisk1\DR1 - ok 13:04:24.0955 0x165c [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 13:04:24.0978 0x165c \Device\Harddisk0\DR0 - ok 13:04:24.0982 0x165c ================ Scan VBR ================================== 13:04:24.0985 0x165c [ 6B7860F0943D82785C92F90324348F9B ] \Device\Harddisk1\DR1\Partition1 13:04:24.0987 0x165c \Device\Harddisk1\DR1\Partition1 - ok 13:04:24.0993 0x165c [ FD4EE4FE80987EEEDDACF180DC836825 ] \Device\Harddisk1\DR1\Partition2 13:04:24.0994 0x165c \Device\Harddisk1\DR1\Partition2 - ok 13:04:25.0001 0x165c [ 0D4B9C84CCC3D649900D38A2DC735208 ] \Device\Harddisk0\DR0\Partition1 13:04:25.0002 0x165c \Device\Harddisk0\DR0\Partition1 - ok 13:04:25.0005 0x165c ================ Scan generic autorun ====================== 13:04:25.0275 0x165c [ 6FCCCAA9144312CD4AA1B38834DD9857, 8BF6926699B5A4408244FE1C2A8CBA10DE7263B7788B5F13212DAC4DA91C5E0F ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 13:04:25.0562 0x165c AvastUI.exe - ok 13:04:25.0670 0x165c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe 13:04:25.0781 0x165c Sidebar - ok 13:04:25.0828 0x165c Waiting for KSN requests completion. In queue: 54 13:04:26.0828 0x165c Waiting for KSN requests completion. In queue: 54 13:04:27.0828 0x165c Waiting for KSN requests completion. In queue: 54 13:04:28.0832 0x165c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.4.2233.1299 ), 0x41000 ( enabled : updated ) 13:04:28.0834 0x165c FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.4.2233.1299 ), 0x40010 ( disabled ) 13:04:28.0836 0x165c Win FW state via NFP2: enabled ( trusted ) 13:04:31.0483 0x165c ============================================================ 13:04:31.0483 0x165c Scan finished 13:04:31.0483 0x165c ============================================================ 13:04:31.0493 0x08c8 Detected object count: 0 13:04:31.0493 0x08c8 Actual detected object count: 0 |
|
10.01.2016, 15:16
| #9 |
| /// Malwareteam | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, meine Vermutung ist kaputtoptimierung mit Tuneup. Boote doch mal in den abgesicherten Modus und schau, ob das Problem dort auch besteht. |
|
10.01.2016, 15:44
| #10 |
| | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, von welchem Problem sprichst du? Also bisher kam nur die Fehlermeldung das der Media Player ein DLL Problem hat. Angeblich soll ich den neu installieren. Ansonsten fährt er deutlich schneller runter, als hoch. Beim Bootvorgang braucht der PC immer noch so lang wie vorher. Es kann sein das die Registry im Eimer ist, vielleicht hast du gar nicht so unrecht. Immerhin kam ein Fehler als ich das Windows Repair Tool nutze. (Ist ne weile her). Würde CHKDSK etwas bringen? Ansonsten läuft die Kiste eigentlich. Ok, die Graka ist wirklich im Eimer, die hab ich auch so übernommen. Hab den früher mal als "Gamingkiste" genutzt. Wenns zu heiß wurde, schmierte die ab. Jedoch is das auch n 0815 billig Teil.. |
|
10.01.2016, 20:28
| #11 |
| /// Malwareteam | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, ich mein, dass er so lahm ist und permanent Fehlermeldungen kommen. Einen zerschossenen PC reparieren geht nicht immer, aber hier mal 2 Links dazu: Windows reparieren - so geht's - Anleitungen Inplace Upgrade - Windows reparieren - Anleitungen |
|
10.01.2016, 20:36
| #12 | |
| | Rechner total infiziert, zerschossen, hinüber, keine Ahnung.Zitat:
ich glaub wir verstehen uns falsch bzw ich hab mich nicht richtig ausgedrückt. Permanent kommen keine Fehlermeldungen, nicht mehr. Bisher kam nur die einzige das der Media Player nicht mehr funktioniert. N Screen kann ich morgen zeigen, komme heute dazu nicht mehr. Das FF Problem konnte ich durch zurücksetzen sowie einer kompletten Neuinstallation selbst lösen. Die Graka muss ausgetauscht werden, wodurch auch das Problem verschwindet. Sonst sind mir keine bekannt. |
|
10.01.2016, 21:23
| #13 |
| /// Malwareteam | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, ich bin jetzt verwirrt  Wozu genau hast du hier einen Thread eröffnet, bzw was willst du von mir? |
|
10.01.2016, 21:42
| #14 |
| | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, jetzt bin ich gerade selbst verwirrt. Also nochmal zurück zum Anfang .In letzter Zeit hatte ich die eine oder andere Fehlermeldung am PC, sowie einen extrem langen Start. (5 Minuten ca) Gerne wollte ich diesen PC mal überprüfen lassen, da ich mit meinem Latein am Ende bin. ADW Cleaner, ESET und TDSS Killer haben Erfolge erzielt, wodurch letzteres beim zweiten Suchlauf nichts gefunden hat. Gelöscht hab ich den Eintrag auch nicht, stand so in der Anleitung. Ein klein Tick schneller startet er schon, dennoch würde ich den Rechner mal komplett bereinigen und alle möglichen PUP's entfernen wollen. Zweitens ich würde gerne den Media Player aufspielen. Bekomme ich nicht hin. Screen zeige ich morgen mit der Fehlermeldung .Die Fehler die ich zuerst angesprochen habe ware im nachinein doch nicht so viel. Bisher nur FF und Media Player |
|
12.01.2016, 10:42
| #15 |
| /// Malwareteam | Rechner total infiziert, zerschossen, hinüber, keine Ahnung. Hi, in den Logs seh ich eigentlich ausser einer Kleinigkeit nix mehr. Das fix ich dir aber jetzt weg. Ansonsten ist da keine Adware/PUPs sonstiges drauf. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
EmptyTemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
|
|
| Themen zu Rechner total infiziert, zerschossen, hinüber, keine Ahnung. |
| ahnung, anderen, besitzer, bewusst, daten, fehler, google, heute, illegal, infiziert, installation, jahre, nicht mehr, probleme, rechner, recht, seite, sichere, thread, total, unbekannte, woche, wochen, überhaupt, zugang, zusammen |
Linear-Darstellung
