Log analysis and evaluation: Am I part of a botnet? (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.01.2016, 22:11 | #1 |
Am I part of a botnet?

Good evening,

After several attempts to find out what has infected my laptop, I am now turning to you and asking for help.

About my problem: For the past 2-3 weeks I have been struggling with extreme performance drops on my laptop. Shortly after a restart (even after I had set it up again from scratch) the memory usage already climbs to 4 GB+.

Resource Monitor: hxxp://puu.sh/my7KC/694cda66f1.png

Laptop specs:
Windows 7
Bitdefender (licensed version)
12 GB RAM
Intel Core i7-2670QM
Nvidia GeForce 570M

An acquaintance then suggested that my laptop is probably infected. His suspicion: a bot in a larger botnet. I then checked the connections in CMD using netstat -a. Current result:

Code:
Aktive Verbindungen

  Proto  Lokale Adresse  Remoteadresse  Status
  TCP    0.0.0.0:80    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:135    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:443    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:445    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:49168    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:49169    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:49170    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:49227    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:49228    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:49229    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:50000    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:51585    Marc-PC:0    ABHÖREN
  TCP    0.0.0.0:64423    Marc-PC:0    ABHÖREN
  TCP    127.0.0.1:3939    Marc-PC:0    ABHÖREN
  TCP    127.0.0.1:22347    Marc-PC:0    ABHÖREN
  TCP    127.0.0.1:22347    Marc-PC:49274    HERGESTELLT
  TCP    127.0.0.1:22347    Marc-PC:49277    HERGESTELLT
  TCP    127.0.0.1:22347    Marc-PC:49278    HERGESTELLT
  TCP    127.0.0.1:22347    Marc-PC:49279    HERGESTELLT
  TCP    127.0.0.1:22347    Marc-PC:49307    HERGESTELLT
  TCP    127.0.0.1:22347    Marc-PC:49308    HERGESTELLT
  TCP    127.0.0.1:22347    Marc-PC:49309    HERGESTELLT
  TCP    127.0.0.1:25639    Marc-PC:0    ABHÖREN
  TCP    127.0.0.1:49152    Marc-PC:49153    HERGESTELLT
  TCP    127.0.0.1:49153    Marc-PC:49152    HERGESTELLT
  TCP    127.0.0.1:49154    Marc-PC:49155    HERGESTELLT
  TCP    127.0.0.1:49155    Marc-PC:49154    HERGESTELLT
  TCP    127.0.0.1:49156    Marc-PC:49157    HERGESTELLT
  TCP    127.0.0.1:49157    Marc-PC:49156    HERGESTELLT
  TCP    127.0.0.1:49158    Marc-PC:49159    HERGESTELLT
  TCP    127.0.0.1:49159    Marc-PC:49158    HERGESTELLT
  TCP    127.0.0.1:49230    Marc-PC:49231    HERGESTELLT
  TCP    127.0.0.1:49231    Marc-PC:49230    HERGESTELLT
  TCP    127.0.0.1:49232    Marc-PC:49233    HERGESTELLT
  TCP    127.0.0.1:49233    Marc-PC:49232    HERGESTELLT
  TCP    127.0.0.1:49234    Marc-PC:49235    HERGESTELLT
  TCP    127.0.0.1:49235    Marc-PC:49234    HERGESTELLT
  TCP    127.0.0.1:49236    Marc-PC:49237    HERGESTELLT
  TCP    127.0.0.1:49237    Marc-PC:49236    HERGESTELLT
  TCP    127.0.0.1:49274    Marc-PC:22347    HERGESTELLT
  TCP    127.0.0.1:49277    Marc-PC:22347    HERGESTELLT
  TCP    127.0.0.1:49278    Marc-PC:22347    HERGESTELLT
  TCP    127.0.0.1:49279    Marc-PC:22347    HERGESTELLT
  TCP    127.0.0.1:49307    Marc-PC:22347    HERGESTELLT
  TCP    127.0.0.1:49308    Marc-PC:22347    HERGESTELLT
  TCP    127.0.0.1:49309    Marc-PC:22347    HERGESTELLT
  TCP    127.0.0.1:49318    Marc-PC:49319    HERGESTELLT
  TCP    127.0.0.1:49319    Marc-PC:49318    HERGESTELLT
  TCP    127.0.0.1:49320    Marc-PC:49321    HERGESTELLT
  TCP    127.0.0.1:49321    Marc-PC:49320    HERGESTELLT
  TCP    127.0.0.1:49322    Marc-PC:49323    HERGESTELLT
  TCP    127.0.0.1:49323    Marc-PC:49322    HERGESTELLT
  TCP    127.0.0.1:49324    Marc-PC:49325    HERGESTELLT
  TCP    127.0.0.1:49325    Marc-PC:49324    HERGESTELLT
  TCP    127.0.0.1:50020    Marc-PC:50021    HERGESTELLT
  TCP    127.0.0.1:50021    Marc-PC:50020    HERGESTELLT
  TCP    127.0.0.1:50022    Marc-PC:50023    HERGESTELLT
  TCP    127.0.0.1:50023    Marc-PC:50022    HERGESTELLT
  TCP    127.127.127.127:3939    Marc-PC:0    ABHÖREN
  TCP    192.168.1.3:139    Marc-PC:0    ABHÖREN
  TCP    192.168.1.3:49305    213.199.179.166:40003    HERGESTELLT
  TCP    192.168.1.3:49310    db3msgr6012507:https    HERGESTELLT
  TCP    192.168.1.3:49335    91.190.216.60:12350    HERGESTELLT
  TCP    192.168.1.3:49362    blu405-m:https    HERGESTELLT
  TCP    192.168.1.3:49406    a104-89-33-193:https    SCHLIESSEN_WARTEN
  TCP    192.168.1.3:49653    104.208.234.211:https    HERGESTELLT
  TCP    192.168.1.3:49969    40.127.201.122:50006    HERGESTELLT
  TCP    192.168.1.3:50219    fra07s32-in-f24:http    WARTEND
  TCP    192.168.1.3:50226    fra02s19-in-f25:http    WARTEND
  TCP    192.168.1.3:50281    eu-gmtdmp:https    HERGESTELLT
  TCP    192.168.1.3:50316    ec2-52-28-55-127:https    WARTEND
  TCP    192.168.1.3:50323    tacoda-atwola-prod-adcom-mtc:http    WARTEND
  TCP    192.168.1.3:50324    tacoda-atwola-prod-adcom-mtc:http    WARTEND
  TCP    192.168.1.3:50335    46.228.164.11:http    WARTEND
  TCP    192.168.1.3:50337    ec2-54-213-111-117:http    WARTEND
  TCP    192.168.1.3:50338    ec2-54-213-111-117:http    WARTEND
  TCP    192.168.1.3:50340    ec2-52-16-216-45:http    WARTEND
  TCP    192.168.1.3:50341    ec2-52-16-216-45:http    WARTEND
  TCP    192.168.1.3:50342    pr-bh:http    WARTEND
  TCP    192.168.1.3:50343    pr-bh:http    WARTEND
  TCP    192.168.1.3:50344    pr-bh:http    WARTEND
  TCP    192.168.1.3:50346    104.244.42.195:https    HERGESTELLT
  TCP    192.168.1.3:50349    dmppixel-adcom_nwa_blue:http    WARTEND
  TCP    192.168.1.3:50350    dmppixel-adcom_nwa_blue:http    WARTEND
  TCP    192.168.1.3:50358    185.86.138.16:http    WARTEND
  TCP    192.168.1.3:50379    ec2-54-165-242-202:http    WARTEND
  TCP    192.168.1.3:50384    81.161.59.92:https    WARTEND
  TCP    192.168.1.3:50388    46.228.164.20:http    WARTEND
  TCP    192.168.1.3:50390    edge-liverail-shv-01-frt3:http    WARTEND
  TCP    192.168.1.3:50391    edge-liverail-shv-01-frt3:http    WARTEND
  TCP    192.168.1.3:50398    40:http    WARTEND
  TCP    192.168.1.3:50417    69.89.93.5:http    WARTEND
  TCP    192.168.1.3:50451    81.161.59.92:https    WARTEND
  TCP    192.168.1.3:50452    81.161.59.92:https    WARTEND
  TCP    192.168.1.3:50459    192.229.233.25:https    HERGESTELLT
  TCP    192.168.1.3:50460    104.244.42.200:https    HERGESTELLT
  TCP    192.168.1.3:50461    104.244.42.8:https    HERGESTELLT
  TCP    192.168.1.3:50482    185.86.138.16:http    WARTEND
  TCP    192.168.1.3:50510    fra07s32-in-f26:https    HERGESTELLT
  TCP    192.168.1.3:50511    fra07s32-in-f26:https    HERGESTELLT
  TCP    192.168.1.3:50512    fra07s32-in-f26:https    HERGESTELLT
  TCP    192.168.1.3:50557    115:http    WARTEND
  TCP    192.168.1.3:50566    46.228.164.11:http    WARTEND
  TCP    192.168.1.3:50567    46.228.164.11:http    WARTEND
  TCP    192.168.1.3:50568    46.228.164.11:http    WARTEND
  TCP    192.168.1.3:50575    104.244.42.200:https    HERGESTELLT
  TCP    192.168.1.3:50587    pbtng-new-nuggad:http    WARTEND
  TCP    192.168.1.3:50588    pbtng-new-nuggad:http    WARTEND
  TCP    192.168.1.3:50628    h2491987:https    HERGESTELLT
  TCP    192.168.1.3:50629    fra07s32-in-f27:https    HERGESTELLT
  TCP    192.168.1.3:50633    fra02s21-in-f28:https    HERGESTELLT
  TCP    192.168.1.3:50674    mybd-push2-hzn:4001    HERGESTELLT
  TCP    192.168.1.3:50679    probot1:http    WARTEND
  TCP    192.168.1.3:50680    probot1:http    WARTEND
  TCP    192.168.1.3:50681    probot1:http    WARTEND
  TCP    192.168.1.3:50682    probot1:http    WARTEND
  TCP    192.168.1.3:50694    185.86.137.17:http    WARTEND
  TCP    192.168.1.3:50695    185.86.137.17:http    WARTEND
  TCP    192.168.1.3:50696    185.86.137.17:http    WARTEND
  TCP    192.168.1.3:50697    185.86.137.17:http    WARTEND
  TCP    192.168.1.3:50709    edge-star-mini-shv-01-fra3:https    HERGESTELLT
  TCP    192.168.1.3:50737    115:http    WARTEND
  TCP    192.168.1.3:50738    115:http    WARTEND
  TCP    192.168.1.3:50739    46.228.164.11:http    WARTEND
  TCP    192.168.1.3:50740    46.228.164.11:http    WARTEND
  TCP    192.168.1.3:50745    185.86.138.32:http    WARTEND
  TCP    192.168.1.3:50746    185.86.138.32:http    WARTEND
  TCP    192.168.1.3:50749    40:http    WARTEND
  TCP    192.168.1.3:50750    40:http    WARTEND
  TCP    192.168.1.3:50751    157:http    WARTEND
  TCP    192.168.1.3:50752    157:http    WARTEND
  TCP    192.168.1.3:50772    h366:http    SCHLIESSEN_WARTEN
  TCP    192.168.1.3:50778    13.107.4.50:http    HERGESTELLT
  TCP    192.168.1.3:50780    104.20.46.97:http    WARTEND
  TCP    192.168.1.3:50781    104.20.46.97:http    WARTEND
  TCP    192.168.1.3:50786    93.184.220.29:http    SYN_GESENDET
  TCP    192.168.1.3:50787    93.184.220.29:http    SYN_GESENDET
  TCP    192.168.1.3:50788    vip1:http    SYN_GESENDET
  TCP    192.168.1.3:50789    93.184.220.29:http    SYN_GESENDET
  TCP    192.168.1.3:50790    2.18.213.226:http    HERGESTELLT
  TCP    [::]:135    Marc-PC:0    ABHÖREN
  TCP    [::]:445    Marc-PC:0    ABHÖREN
  TCP    [::]:49168    Marc-PC:0    ABHÖREN
  TCP    [::]:49169    Marc-PC:0    ABHÖREN
  TCP    [::]:49170    Marc-PC:0    ABHÖREN
  TCP    [::]:49227    Marc-PC:0    ABHÖREN
  TCP    [::]:49228    Marc-PC:0    ABHÖREN
  TCP    [::]:49229    Marc-PC:0    ABHÖREN
  UDP    0.0.0.0:443    *:*
  UDP    0.0.0.0:500    *:*
  UDP    0.0.0.0:1900    *:*
  UDP    0.0.0.0:4500    *:*
  UDP    0.0.0.0:5355    *:*
  UDP    0.0.0.0:49153    *:*
  UDP    0.0.0.0:50000    *:*
  UDP    0.0.0.0:51585    *:*
  UDP    0.0.0.0:56119    *:*
  UDP    0.0.0.0:57415    *:*
  UDP    0.0.0.0:58057    *:*
  UDP    127.0.0.1:1900    *:*
  UDP    127.0.0.1:49152    *:*
  UDP    127.0.0.1:52765    *:*
  UDP    127.0.0.1:56037    *:*
  UDP    127.0.0.1:56038    *:*
  UDP    127.0.0.1:56118    *:*
  UDP    192.168.1.3:137    *:*
  UDP    192.168.1.3:138    *:*
  UDP    192.168.1.3:1900    *:*
  UDP    192.168.1.3:1900    *:*
  UDP    192.168.1.3:52764    *:*
  UDP    [::]:500    *:*
  UDP    [::]:4500    *:*
  UDP    [::]:5355    *:*
  UDP    [::]:57415    *:*
  UDP    [::1]:1900    *:*
  UDP    [::1]:52763    *:*
  UDP    [fe80::e1e0:940d:3fb7:ecd7%13]:1900    *:*
  UDP    [fe80::e1e0:940d:3fb7:ecd7%13]:52762    *:*

C:\Users\Marc>

I also ran the Kaspersky Rescue program from a USB stick. The PC was reinstalled 2 times. The laptop has an SSD + 1 HDD available. There is also a factory "Recovery" drive.

Addition logfile:

Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01 durchgeführt von Marc (2016-01-16 21:38:47) Gestartet von C:\Users\Marc\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2016-01-16 11:17:53) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-295894372-1878866498-4187087832-500 - Administrator - Disabled) Gast (S-1-5-21-295894372-1878866498-4187087832-501 - Limited - Disabled) Marc (S-1-5-21-295894372-1878866498-4187087832-1000 - Administrator - Enabled) => C:\Users\Marc ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Bitdefender Antivirus (Enabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AS: Bitdefender Spyware-Schutz (Enabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated) Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.0.1.152 - Adobe Systems Incorporated) Adobe Reader X (10.1.1) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.1 - Adobe Systems Incorporated) Bitdefender Internet Security 2015 (HKLM\...\Bitdefender) (Version: 19.4.0.239 - Bitdefender) CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1305_34270 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2023 - CyberLink Corp.) CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3419a - CyberLink Corp.) CyberLink PowerDirector (Version: 9.0.0.3419a - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3510.52 - CyberLink Corp.) 
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.) CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.) CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1108 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.4 - Dolby Laboratories Inc) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii uslugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Glary Utilities 2.56.0.1822 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.56.0.1822 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.57 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) 
Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation) Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Java(TM) 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle) Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.) Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) 
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60831.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA Graphics Driver 
268.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.90 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta uslugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.) Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.103 - Skype Technologies S.A.) 
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.14.0 - Synaptics Incorporated) System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.210.1104.M007.02 - Micro-Star International Co., Ltd.) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG) Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? 
(HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {3D3BAFAF-A66D-4C1C-A35C-ACD95A66700B} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2011-11-08] (CyberLink Corp.) Task: {3FB39ADA-1C17-43D8-BB87-EE1713797822} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-01-05] (CyberLink) Task: {532DCE2C-18B6-445F-AA62-8587D102B749} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\Windows\SYSTEM32\OOBE\SETUPSQM.EXE [2009-07-14] (Microsoft Corporation) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {6C6E299A-7334-4B0A-9D38-11274FE7A07B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-16] (Google Inc.) Task: {72984A82-D14C-49EF-92F4-9F26BEE637A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd) Task: {8531A5C3-A1CF-417C-964C-6D1E61B5A3EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-16] (Google Inc.) 
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {FC582B0B-1111-4258-BE71-682B4D0750FD} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-01-16 12:41 - 2015-11-04 14:06 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll 2016-01-16 12:41 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll 2016-01-16 12:41 - 2015-11-13 17:46 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui 2016-01-16 12:41 - 2012-10-29 14:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll 2016-01-16 12:49 - 2016-01-16 12:49 - 00876888 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01351_002\ashttpbr.mdl 2016-01-16 12:49 - 2016-01-16 12:49 - 00742976 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01351_002\ashttpdsp.mdl 2016-01-16 12:49 - 2016-01-16 12:49 - 02803536 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01351_002\ashttpph.mdl 2016-01-16 12:49 - 2016-01-16 12:49 - 01415584 _____ () C:\Program Files\Bitdefender\Bitdefender 
2015\otengines_01351_002\ashttprbl.mdl 2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2011-12-13 11:25 - 2010-08-19 17:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2012-01-10 14:41 - 2016-01-16 20:49 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe 2015-11-16 17:55 - 2015-11-16 17:55 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-10-22 12:22 - 2015-10-22 12:22 - 00175080 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2015-10-22 12:21 - 2015-10-22 12:21 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2015-10-22 12:21 - 2015-10-22 12:21 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2015-10-22 12:22 - 2015-10-22 12:22 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2015-10-22 12:22 - 2015-10-22 12:22 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2016-01-06 20:43 - 2016-01-06 20:43 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2016-01-06 20:43 - 2016-01-06 20:43 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2016-01-16 12:41 - 2015-11-04 14:17 - 00472080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdidntconp.dll 2016-01-16 12:41 - 2015-11-13 17:46 - 00189440 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\ui\bdidntconp.ui 2016-01-16 21:31 - 2016-01-16 21:31 - 00380416 _____ () C:\Users\Marc\Downloads\Gmer-19357.exe 
2015-12-21 13:52 - 2015-12-21 13:52 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2011-12-13 09:27 - 2011-12-13 09:27 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b3c4d80fd43bfdb8167e50da0986af15\IsdiInterop.ni.dll 2011-12-13 09:27 - 2010-11-06 08:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2016-01-16 12:16 - 2011-06-08 19:34 - 03649592 _____ () C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\pdf.dll 2016-01-16 12:16 - 2011-06-08 19:34 - 00329272 _____ () C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\ppGoogleNaClPluginChrome.dll 2016-01-16 12:16 - 2011-06-08 19:33 - 01846344 _____ () C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\avcodec-52.dll 2016-01-16 12:16 - 2011-06-08 19:33 - 00104520 _____ () C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\avutil-50.dll 2016-01-16 12:16 - 2011-06-08 19:33 - 00203848 _____ () C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\avformat-52.dll 2016-01-16 12:16 - 2011-06-08 19:33 - 00496184 _____ () C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\libglesv2.dll 2016-01-16 12:16 - 2011-06-08 19:33 - 00106552 _____ () C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
AlternateDataStreams: C:\Users\Marc\Desktop\rescue2usb.exe:BDU AlternateDataStreams: C:\Users\Marc\Downloads\avira-eu-cleaner_de.exe:BDU AlternateDataStreams: C:\Users\Marc\Downloads\BootkitRemoval_x64.exe:BDU AlternateDataStreams: C:\Users\Marc\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\Marc\Downloads\Gmer-19357.exe:BDU AlternateDataStreams: C:\Users\Marc\Downloads\rescue2usb.exe:BDU AlternateDataStreams: C:\Users\Marc\Downloads\SkypeSetup.exe:BDU AlternateDataStreams: C:\Users\Marc\Downloads\TeamSpeak3-Client-win64-3.0.18.2.exe:BDU ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-295894372-1878866498-4187087832-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{85832019-5E10-4687-9BE8-ECC6260C4DFB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{3F0CB73A-4640-4B7B-A0AC-524E66E23823}] => (Allow) LPort=2869 FirewallRules: [{D63C74F5-9DCE-4F49-A501-D838905BB8A3}] => (Allow) LPort=1900 FirewallRules: [{CB2332EA-77AC-41DE-AD54-8B1B22BDC0F9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{C0B4056E-B896-435C-BBE5-FF8029F17959}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{32E210E7-E79A-4E78-A2E2-3DF826A535D1}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{6650F4B1-8F17-4E56-B6C9-2A9AA107E637}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE FirewallRules: [{7B254EBE-5781-4BBE-A486-7474F442A783}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{75BF6E61-B238-4A35-B0A7-CD20F299C850}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{C07C1B1A-FD17-4A4D-983B-DE27AE30F671}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe FirewallRules: [{E07C1A6C-5E5C-4E25-BA5B-20ED9512B2D6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe FirewallRules: [{FC33298D-A92B-42A9-927E-1B1146AEA950}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{52E12796-DF78-45D7-808F-5F59D21FF8B1}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query 
User{59BBD7C6-577E-42D9-A54B-8809A5C50963}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{FD69613E-E486-40E5-B1E3-B156D3E938C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 16-01-2016 20:48:15 Installed puush 16-01-2016 21:00:25 COMPUTERBILD Vorteil-Center wird entfernt 16-01-2016 21:00:59 Removed watchmi. 16-01-2016 21:26:20 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: BCM20702A0 Description: BCM20702A0 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Logitech Gaming Virtual Bus Enumerator Description: Logitech Gaming Virtual Bus Enumerator Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: LGBusEnum Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB-Audiogerät Description: USB-Audiogerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/16/2016 09:31:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0008d93e ID des fehlerhaften Prozesses: 0x18d8 Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0 Pfad der fehlerhaften Anwendung: Gmer-19357.exe1 Pfad des fehlerhaften Moduls: Gmer-19357.exe2 Berichtskennung: Gmer-19357.exe3 Error: (01/16/2016 09:27:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8CF427FD790C3AD166068DE81E57EFBB932272D4.crt>. Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen. . Error: (01/16/2016 09:27:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8CF427FD790C3AD166068DE81E57EFBB932272D4.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . Error: (01/16/2016 09:27:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8CF427FD790C3AD166068DE81E57EFBB932272D4.crt>. Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen. . 
Error: (01/16/2016 09:27:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/8CF427FD790C3AD166068DE81E57EFBB932272D4.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . Error: (01/16/2016 09:27:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/47BEABC922EAE80E78783462A79F45C254FDE68B.crt>. Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen. . Error: (01/16/2016 09:27:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/47BEABC922EAE80E78783462A79F45C254FDE68B.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . Error: (01/16/2016 09:27:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/47BEABC922EAE80E78783462A79F45C254FDE68B.crt>. Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen. . Error: (01/16/2016 09:27:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/47BEABC922EAE80E78783462A79F45C254FDE68B.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . 
Error: (01/16/2016 09:24:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: ) Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/F18B538D1BE903B6A6F056435B171589CAF36BF2.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben. . Systemfehler: ============= Error: (01/16/2016 09:27:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Logitech CPU Core Tempurature" wurde aufgrund folgenden Fehlers nicht gestartet: %%577 Error: (01/16/2016 09:02:19 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2. Error: (01/16/2016 09:02:15 PM) (Source: Disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2. Error: (01/16/2016 07:12:52 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (01/16/2016 12:51:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 CodeIntegrity: =================================== Date: 2016-01-16 21:27:12.113 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2016-01-16 21:27:12.054 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2016-01-16 21:27:08.915 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2016-01-16 21:27:08.911 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2016-01-16 21:01:31.217 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-01-16 21:01:31.082 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2016-01-16 21:01:26.390
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2016-01-16 21:01:26.218
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 12265.49 MB
Verfügbarer physikalischer RAM: 7292.18 MB
Summe virtueller Speicher: 24529.17 MB
Verfügbarer virtueller Speicher: 18998.72 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:73.43 GB) (Free:15.85 GB) NTFS
Drive d: (Data) (Fixed) (Total:648 GB) (Free:602.85 GB) NTFS
Drive e: (Recover) (Fixed) (Total:50.63 GB) (Free:27.66 GB) NTFS
Drive f: (GAME_OF_THRONES_S1_DISC2) (CDROM) (Total:6.19 GB) (Free:0 GB) UDF
Drive g: (Seagate Expansion Drive) (Fixed) (Total:3726.02 GB) (Free:1870.58 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: A4B54AFD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A4B54AE7)
Partition 1: (Not Active) - (Size=648 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=50.6 GB) - (Type=07 NTFS)

Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.

==================== Ende von Addition.txt ============================

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
durchgeführt von Marc (Administrator) auf MARC-PC (16-01-2016 21:38:26)
Gestartet von C:\Users\Marc\Downloads
Geladene Profile: Marc (Verfügbare Profile: Marc)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 9 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\puush\puush.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LU_1\LULnchr.exe
(Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LU_1\LogitechUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\seccenter.exe
() C:\Users\Marc\Downloads\Gmer-19357.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-05-17] (Realtek Semiconductor) HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2328360 2010-09-16] (Synaptics Incorporated) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1603544 2015-11-04] (Bitdefender) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation) HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2482176 2010-11-04] (Micro-Star International Co., Ltd.) 
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink) HKLM\...\RunOnce: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink) HKU\S-1-5-21-295894372-1878866498-4187087832-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd) HKU\S-1-5-21-295894372-1878866498-4187087832-1000\...\Run: [Bitdefender-Geldb?rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-11-04] (Bitdefender) HKU\S-1-5-21-295894372-1878866498-4187087832-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50603136 2016-01-11] (Skype Technologies S.A.) HKU\S-1-5-21-295894372-1878866498-4187087832-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2016-01-16] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{4FD062CB-AC24-4D8F-9F99-06C02190C704}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-295894372-1878866498-4187087832-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF HKU\S-1-5-21-295894372-1878866498-4187087832-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF SearchScopes: HKLM -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-11-11] (Bitdefender) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-14] (Sun Microsystems, Inc.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-11-11] (Bitdefender) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-14] (Sun Microsystems, Inc.) 
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-11-11] (Bitdefender) Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-11-11] (Bitdefender) Toolbar: HKU\S-1-5-21-295894372-1878866498-4187087832-1000 -> Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-11-11] (Bitdefender) FireFox: ======== FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-14] (Sun Microsystems, Inc.) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-14] (Sun Microsystems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll [2011-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.) 
FF HKLM\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-11-13] [ist nicht signiert] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-11-13] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext Chrome: ======= CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2015-11-04] (Bitdefender) R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [Datei ist nicht signiert] R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [Datei ist nicht signiert] R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [Datei ist nicht signiert] S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink) R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.) R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [100816 2015-11-04] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1561344 2015-11-09] (Bitdefender) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600512 2015-10-28] (BitDefender) R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [282000 2015-09-17] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-09-17] (BitDefender) R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2014-12-15] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC) S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC) S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.) U3 pwldypog; \??\C:\Users\Marc\AppData\Local\Temp\pwldypog.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-01-16 21:38 - 2016-01-16 21:38 - 02370560 _____ (Farbar) C:\Users\Marc\Downloads\FRST64.exe 2016-01-16 21:38 - 2016-01-16 21:38 - 00017269 _____ C:\Users\Marc\Downloads\FRST.txt 2016-01-16 21:38 - 2016-01-16 21:38 - 00000000 ____D C:\FRST 2016-01-16 21:31 - 2016-01-16 21:31 - 00380416 _____ C:\Users\Marc\Downloads\Gmer-19357.exe 2016-01-16 21:27 - 2016-01-16 21:27 - 00000000 ____D C:\Users\Marc\AppData\Local\Logitech 2016-01-16 21:27 - 2016-01-16 21:27 - 00000000 ____D C:\ProgramData\LogiShrd 2016-01-16 21:26 - 2016-01-16 21:27 - 00000000 ____D C:\Program Files\Logitech Gaming Software 2016-01-16 21:26 - 2016-01-16 21:26 - 00000000 ____D C:\ProgramData\Package Cache 2016-01-16 21:26 - 2016-01-16 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2016-01-16 21:23 - 2016-01-16 21:23 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Logitech 2016-01-16 21:23 - 2016-01-16 21:23 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Logishrd 2016-01-16 21:22 - 2016-01-16 21:22 - 00001033 _____ C:\Users\Marc\Videos - Verknüpfung.lnk 2016-01-16 21:22 - 2016-01-16 21:22 - 00000000 ____D C:\Users\Marc\Downloads\LGS878 2016-01-16 21:03 - 2016-01-16 21:05 - 190765133 _____ C:\Users\Marc\Downloads\LGS878.zip 2016-01-16 20:52 - 2016-01-16 20:52 - 00007630 _____ C:\Users\Marc\AppData\Local\Resmon.ResmonCfg 2016-01-16 20:48 - 2016-01-16 20:49 - 00000000 ____D C:\Program Files (x86)\puush 2016-01-16 20:48 - 2016-01-16 20:48 - 01085440 _____ C:\Users\Marc\Downloads\puush.msi 2016-01-16 20:48 - 2016-01-16 20:48 - 00000000 ____D C:\Users\Marc\AppData\Roaming\puush 2016-01-16 20:48 - 2016-01-16 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush 2016-01-16 20:47 - 2016-01-16 20:47 - 02209056 _____ C:\Users\Marc\Downloads\avira-eu-cleaner_de.exe 2016-01-16 20:45 - 2016-01-16 20:45 - 11427128 _____ (Bitdefender LLC) C:\Users\Marc\Downloads\BootkitRemoval_x64.exe 2016-01-16 19:16 - 2016-01-16 19:16 - 00076944 _____ (BitDefender) 
C:\Windows\system32\Drivers\bdvedisk.sys 2016-01-16 19:15 - 2016-01-16 19:15 - 00000000 ____D C:\Program Files\rescue2usb 2016-01-16 19:12 - 2016-01-16 19:22 - 280977408 _____ C:\Users\Marc\Desktop\kav_rescue_10.iso 2016-01-16 19:12 - 2016-01-16 19:12 - 00387584 _____ C:\Users\Marc\Downloads\rescue2usb.exe 2016-01-16 19:12 - 2016-01-16 19:12 - 00387584 _____ C:\Users\Marc\Desktop\rescue2usb.exe 2016-01-16 19:09 - 2016-01-16 19:11 - 00000000 ____D C:\ProgramData\HitmanPro 2016-01-16 19:09 - 2016-01-16 19:09 - 13928419 _____ C:\Users\Marc\Downloads\HitmanPro_3.7.10.251.zip 2016-01-16 19:01 - 2016-01-16 21:29 - 00000000 ____D C:\Users\Marc\AppData\Roaming\TS3Client 2016-01-16 19:01 - 2016-01-16 19:01 - 00000971 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2016-01-16 19:01 - 2016-01-16 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2016-01-16 19:01 - 2016-01-16 19:01 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2016-01-16 18:54 - 2016-01-16 18:54 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\Marc\Downloads\TeamSpeak3-Client-win64-3.0.18.2.exe 2016-01-16 18:52 - 2016-01-16 21:20 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Skype 2016-01-16 18:52 - 2016-01-16 18:52 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk 2016-01-16 18:52 - 2016-01-16 18:52 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-16 18:52 - 2016-01-16 18:52 - 00000000 ____D C:\Users\Marc\Tracing 2016-01-16 18:52 - 2016-01-16 18:52 - 00000000 ____D C:\ProgramData\Skype 2016-01-16 18:52 - 2016-01-16 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-01-16 18:51 - 2016-01-16 18:51 - 01504376 _____ (Skype Technologies S.A.) 
C:\Users\Marc\Downloads\SkypeSetup.exe 2016-01-16 13:11 - 2016-01-16 21:18 - 00003383 _____ C:\bdlog.txt 2016-01-16 12:42 - 2016-01-16 12:42 - 00491089 _____ C:\ProgramData\1452944370.bdinstall.bin 2016-01-16 12:42 - 2016-01-16 12:42 - 00000385 _____ C:\Users\Marc\AppData\Roaminguser_gensett.xml 2016-01-16 12:41 - 2016-01-16 12:41 - 00002126 _____ C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk 2016-01-16 12:41 - 2016-01-16 12:41 - 00000684 ____H C:\bdr-cf01 2016-01-16 12:41 - 2016-01-16 12:41 - 00000385 _____ C:\Windows\system32\user_gensett.xml 2016-01-16 12:41 - 2016-01-16 12:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2016-01-16 12:41 - 2016-01-16 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015 2016-01-16 12:41 - 2016-01-16 12:41 - 00000000 ____D C:\ProgramData\BDLogging 2016-01-16 12:41 - 2015-10-28 13:01 - 01600512 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys 2016-01-16 12:41 - 2015-09-17 22:24 - 00282000 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys 2016-01-16 12:41 - 2015-09-17 22:23 - 00775424 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys 2016-01-16 12:41 - 2014-12-15 18:04 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys 2016-01-16 12:41 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll 2016-01-16 12:40 - 2016-01-16 12:47 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Bitdefender 2016-01-16 12:40 - 2016-01-16 12:41 - 00253404 ____H C:\bdr-ld01 2016-01-16 12:40 - 2016-01-16 12:41 - 00009216 ____H C:\bdr-ld01.mbr 2016-01-16 12:40 - 2015-07-15 17:13 - 49737193 ____H C:\bdr-im01.gz 2016-01-16 12:40 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01 2016-01-16 12:39 - 2016-01-16 12:41 - 00000000 ____D C:\ProgramData\Bitdefender 2016-01-16 12:39 - 2016-01-16 12:39 - 00000000 ____D C:\Users\Marc\AppData\Roaming\QuickScan 2016-01-16 12:39 - 2016-01-16 12:39 - 00000000 ____D 
C:\Program Files\Bitdefender 2016-01-16 12:39 - 2015-06-02 14:21 - 00477272 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys 2016-01-16 12:39 - 2015-04-29 13:32 - 00160032 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys 2016-01-16 12:37 - 2016-01-16 12:37 - 00000000 ____D C:\Users\Marc\AppData\Roaming\GlarySoft 2016-01-16 12:36 - 2016-01-16 21:19 - 00000324 _____ C:\Windows\Tasks\GlaryInitialize.job 2016-01-16 12:36 - 2016-01-16 12:36 - 06685392 _____ (Glarysoft Ltd ) C:\Users\Marc\Downloads\gusetup_slim_2.56.exe 2016-01-16 12:36 - 2016-01-16 12:36 - 00002600 _____ C:\Windows\System32\Tasks\GlaryInitialize 2016-01-16 12:36 - 2016-01-16 12:36 - 00001070 _____ C:\Users\Marc\Desktop\Glary Utilities.lnk 2016-01-16 12:36 - 2016-01-16 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 2016-01-16 12:36 - 2016-01-16 12:36 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 2016-01-16 12:33 - 2016-01-16 12:33 - 00000000 ____D C:\KVRT_Data 2016-01-16 12:31 - 2016-01-16 12:33 - 93484384 _____ (Kaspersky Lab ZAO) C:\Users\Marc\Downloads\KVRT.exe 2016-01-16 12:30 - 2016-01-16 12:30 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Adobe 2016-01-16 12:28 - 2016-01-16 12:28 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-01-16 12:28 - 2016-01-16 12:28 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-01-16 12:28 - 2016-01-16 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-01-16 12:28 - 2016-01-16 12:28 - 00000000 ____D C:\Program Files\CCleaner 2016-01-16 12:27 - 2016-01-16 12:27 - 05565384 _____ (Piriform Ltd) C:\Users\Marc\Downloads\ccsetup512_slim.exe 2016-01-16 12:25 - 2016-01-16 21:02 - 00000000 ____D C:\Users\Marc\AppData\Local\Google 2016-01-16 12:22 - 2016-01-16 12:39 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2016-01-16 12:19 - 2016-01-16 21:20 - 00000000 ____D C:\Users\Marc\Documents\Youcam 2016-01-16 12:19 - 
2016-01-16 12:19 - 00000000 ____D C:\Users\Marc\AppData\Local\CyberLink 2016-01-16 12:18 - 2016-01-16 12:18 - 00065448 _____ C:\Users\Marc\AppData\Local\GDIPFONTCACHEV1.DAT 2016-01-16 12:18 - 2016-01-16 12:18 - 00001443 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-01-16 12:18 - 2016-01-16 12:18 - 00001409 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2016-01-16 12:18 - 2016-01-16 12:18 - 00000000 ___HD C:\ProgramData\Medion Reminder 2016-01-16 12:18 - 2016-01-16 12:18 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Intel Corporation 2016-01-16 12:18 - 2016-01-16 12:18 - 00000000 ____D C:\Users\Marc\AppData\Local\Power2Go 2016-01-16 12:17 - 2016-01-16 21:22 - 00000000 ____D C:\Users\Marc 2016-01-16 12:17 - 2016-01-16 12:17 - 00000020 ___SH C:\Users\Marc\ntuser.ini 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\Vorlagen 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\Startmenü 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\Netzwerkumgebung 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\Lokale Einstellungen 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\Eigene Dateien 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\Druckumgebung 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\Documents\Eigene Videos 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\Documents\Eigene Musik 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\Documents\Eigene Bilder 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\AppData\Local\Verlauf 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 _SHDL C:\Users\Marc\AppData\Local\Anwendungsdaten 2016-01-16 12:17 - 2016-01-16 12:17 - 
00000000 _SHDL C:\Users\Marc\Anwendungsdaten 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Intel 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 ____D C:\Users\Marc\AppData\Local\VirtualStore 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 ____D C:\ProgramData\Kaspersky Rescue Disk 10 2016-01-16 12:17 - 2016-01-16 12:17 - 00000000 ____D C:\Program Files (x86)\Memeo 2016-01-16 12:17 - 2011-10-14 12:27 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Macromedia 2016-01-16 12:17 - 2011-07-18 22:23 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover 2016-01-16 12:17 - 2011-04-12 09:28 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Media Center Programs 2016-01-16 12:16 - 2016-01-16 21:29 - 00002139 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-01-16 12:16 - 2016-01-16 21:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-16 12:16 - 2016-01-16 21:19 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-16 12:16 - 2016-01-16 21:19 - 00000000 ____D C:\ProgramData\Partner 2016-01-16 12:16 - 2016-01-16 21:19 - 00000000 ____D C:\Program Files\Google 2016-01-16 12:16 - 2016-01-16 21:02 - 00000000 ____D C:\ProgramData\TvdPersonal 2016-01-16 12:16 - 2016-01-16 21:02 - 00000000 ____D C:\ProgramData\Google 2016-01-16 12:16 - 2016-01-16 21:02 - 00000000 ____D C:\Program Files (x86)\watchmi 2016-01-16 12:16 - 2016-01-16 19:22 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-01-16 12:16 - 2016-01-16 19:22 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-01-16 12:16 - 2016-01-16 12:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Versandhelfer 2016-01-16 12:16 - 2016-01-16 12:16 - 00000000 ____D C:\Program Files\PlayReady 2016-01-16 12:16 - 2016-01-16 12:16 - 
00000000 ____D C:\Program Files (x86)\Versandhelfer 2016-01-16 12:16 - 2011-06-03 14:28 - 00002360 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-01-16 12:15 - 2016-01-16 21:19 - 00000000 ____D C:\Program Files (x86)\Google 2016-01-16 12:15 - 2016-01-16 12:15 - 00000000 _SHDL C:\Documents and Settings ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-16 21:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2016-01-16 21:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-01-16 21:26 - 2009-07-14 05:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-16 21:26 - 2009-07-14 05:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-16 21:25 - 2011-05-16 16:16 - 00610202 _____ C:\Windows\system32\perfh01F.dat 2016-01-16 21:25 - 2011-05-16 16:16 - 00121526 _____ C:\Windows\system32\perfc01F.dat 2016-01-16 21:25 - 2011-05-16 16:03 - 00679342 _____ C:\Windows\system32\prfh0816.dat 2016-01-16 21:25 - 2011-05-16 16:03 - 00133752 _____ C:\Windows\system32\prfc0816.dat 2016-01-16 21:25 - 2011-05-16 15:55 - 00689726 _____ C:\Windows\system32\perfh015.dat 2016-01-16 21:25 - 2011-05-16 15:55 - 00134840 _____ C:\Windows\system32\perfc015.dat 2016-01-16 21:25 - 2011-05-16 15:47 - 00691192 _____ C:\Windows\system32\perfh013.dat 2016-01-16 21:25 - 2011-05-16 15:47 - 00132940 _____ C:\Windows\system32\perfc013.dat 2016-01-16 21:25 - 2011-05-16 15:39 - 00689108 _____ C:\Windows\system32\perfh010.dat 2016-01-16 21:25 - 2011-05-16 15:39 - 00127144 _____ C:\Windows\system32\perfc010.dat 2016-01-16 21:25 - 2011-05-16 15:31 - 00632180 _____ C:\Windows\system32\perfh00E.dat 2016-01-16 21:25 - 2011-05-16 15:31 - 00148310 _____ C:\Windows\system32\perfc00E.dat 2016-01-16 21:25 - 2011-05-16 
15:25 - 00694430 _____ C:\Windows\system32\perfh00C.dat 2016-01-16 21:25 - 2011-05-16 15:25 - 00130140 _____ C:\Windows\system32\perfc00C.dat 2016-01-16 21:25 - 2011-05-16 15:17 - 00693454 _____ C:\Windows\system32\perfh00A.dat 2016-01-16 21:25 - 2011-05-16 15:17 - 00137062 _____ C:\Windows\system32\perfc00A.dat 2016-01-16 21:25 - 2011-05-16 15:11 - 00551770 _____ C:\Windows\system32\perfh008.dat 2016-01-16 21:25 - 2011-05-16 15:11 - 00089436 _____ C:\Windows\system32\perfc008.dat 2016-01-16 21:25 - 2011-05-16 15:04 - 00654166 _____ C:\Windows\system32\perfh007.dat 2016-01-16 21:25 - 2011-05-16 15:04 - 00130006 _____ C:\Windows\system32\perfc007.dat 2016-01-16 21:25 - 2011-05-16 14:58 - 00462172 _____ C:\Windows\system32\perfh006.dat 2016-01-16 21:25 - 2011-05-16 14:58 - 00079804 _____ C:\Windows\system32\perfc006.dat 2016-01-16 21:25 - 2009-07-14 06:13 - 09110786 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-16 21:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-16 21:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-01-16 18:46 - 2011-12-13 11:20 - 00000000 ____D C:\ProgramData\CyberLink 2016-01-16 12:28 - 2011-07-18 21:54 - 00000000 ____D C:\Windows\Panther 2016-01-16 12:15 - 2009-07-14 05:45 - 00292120 _____ C:\Windows\system32\FNTCACHE.DAT 2016-01-16 12:12 - 2009-07-14 06:32 - 00032768 _____ C:\Windows\system32\config\BCD-Template ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-01-16 20:52 - 2016-01-16 20:52 - 0007630 _____ () C:\Users\Marc\AppData\Local\Resmon.ResmonCfg 2016-01-16 12:42 - 2016-01-16 12:42 - 0491089 _____ () C:\ProgramData\1452944370.bdinstall.bin ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2011-07-18 21:01
==================== Ende von FRST.txt ============================
Regards, Marc |
18.01.2016, 17:15 | #2 |
/// TB-Ausbilder | Am I part of a botnet? My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Please download TDSSKiller.exe and save this file to the desktop
With your next reply, please post
|
18.01.2016, 17:22 | #3 |
| Am I part of a botnet? No sooner said than done. Thank you very much for your help
Code:
ATTFilter 17:19:33.0153 0x1b60 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 17:19:39.0494 0x1b60 ============================================================ 17:19:39.0494 0x1b60 Current date / time: 2016/01/18 17:19:39.0494 17:19:39.0494 0x1b60 SystemInfo: 17:19:39.0494 0x1b60 17:19:39.0494 0x1b60 OS Version: 6.1.7601 ServicePack: 1.0 17:19:39.0494 0x1b60 Product type: Workstation 17:19:39.0494 0x1b60 ComputerName: MARC-PC 17:19:39.0494 0x1b60 UserName: Marc 17:19:39.0494 0x1b60 Windows directory: C:\Windows 17:19:39.0494 0x1b60 System windows directory: C:\Windows 17:19:39.0494 0x1b60 Running under WOW64 17:19:39.0494 0x1b60 Processor architecture: Intel x64 17:19:39.0495 0x1b60 Number of processors: 8 17:19:39.0495 0x1b60 Page size: 0x1000 17:19:39.0495 0x1b60 Boot type: Normal boot 17:19:39.0495 0x1b60 ============================================================ 17:19:39.0578 0x1b60 KLMD registered as C:\Windows\system32\drivers\05164828.sys 17:19:39.0808 0x1b60 System UUID: {70D20797-11E0-FF7F-E253-FC11378523B5} 17:19:40.0148 0x1b60 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2861, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040 17:19:40.0242 0x1b60 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 17:19:40.0254 0x1b60 Drive \Device\Harddisk2\DR2 - Size: 0x3A3817D5000 ( 3726.02 Gb ), SectorSize: 0x1000, Cylinders: 0xED80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 17:19:48.0800 0x1b60 ============================================================ 17:19:48.0800 0x1b60 \Device\Harddisk0\DR0: 17:19:48.0801 0x1b60 MBR partitions: 17:19:48.0801 0x1b60 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 17:19:48.0801 0x1b60 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x92DB800 
17:19:48.0801 0x1b60 \Device\Harddisk1\DR1: 17:19:48.0840 0x1b60 MBR partitions: 17:19:48.0840 0x1b60 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x51000000 17:19:48.0840 0x1b60 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x51000800, BlocksNum 0x6545000 17:19:48.0840 0x1b60 \Device\Harddisk2\DR2: 17:19:48.0840 0x1b60 MBR partitions: 17:19:48.0840 0x1b60 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A380FD2 17:19:48.0840 0x1b60 ============================================================ 17:19:48.0842 0x1b60 C: <-> \Device\Harddisk0\DR0\Partition2 17:19:48.0855 0x1b60 D: <-> \Device\Harddisk1\DR1\Partition1 17:19:48.0893 0x1b60 E: <-> \Device\Harddisk1\DR1\Partition2 17:19:48.0949 0x1b60 G: <-> \Device\Harddisk2\DR2\Partition1 17:19:48.0949 0x1b60 ============================================================ 17:19:48.0949 0x1b60 Initialize success 17:19:48.0949 0x1b60 ============================================================ 17:20:20.0298 0x1644 ============================================================ 17:20:20.0298 0x1644 Scan started 17:20:20.0298 0x1644 Mode: Manual; SigCheck; TDLFS; 17:20:20.0298 0x1644 ============================================================ 17:20:20.0298 0x1644 KSN ping started 17:20:22.0701 0x1644 KSN ping finished: true 17:20:23.0852 0x1644 ================ Scan system memory ======================== 17:20:23.0852 0x1644 System memory - ok 17:20:23.0853 0x1644 ================ Scan services ============================= 17:20:23.0882 0x1644 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 17:20:23.0934 0x1644 1394ohci - ok 17:20:23.0954 0x1644 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 17:20:23.0972 0x1644 ACPI - ok 17:20:23.0975 0x1644 [ 
99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 17:20:24.0000 0x1644 AcpiPmi - ok 17:20:24.0006 0x1644 [ 11A52CF7B265631DEEB24C6149309EFF, CBA25D358185FD4BE261C6C1B518AD60F5D27D5FB418098AB262B10F5A11C178 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 17:20:24.0015 0x1644 AdobeARMservice - ok 17:20:24.0030 0x1644 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 17:20:24.0051 0x1644 adp94xx - ok 17:20:24.0063 0x1644 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 17:20:24.0080 0x1644 adpahci - ok 17:20:24.0087 0x1644 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 17:20:24.0102 0x1644 adpu320 - ok 17:20:24.0108 0x1644 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:20:24.0168 0x1644 AeLookupSvc - ok 17:20:24.0184 0x1644 [ D5B031C308A409A0A576BFF4CF083D30, 081FCB53C65BC48093AEA5B067757F04C5C92F920D32A4DF01DD1DFF6B2FB20D ] AFD C:\Windows\system32\drivers\afd.sys 17:20:24.0213 0x1644 AFD - ok 17:20:24.0217 0x1644 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 17:20:24.0228 0x1644 agp440 - ok 17:20:24.0234 0x1644 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 17:20:24.0254 0x1644 ALG - ok 17:20:24.0257 0x1644 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide 
C:\Windows\system32\drivers\aliide.sys 17:20:24.0267 0x1644 aliide - ok 17:20:24.0270 0x1644 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 17:20:24.0279 0x1644 amdide - ok 17:20:24.0284 0x1644 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 17:20:24.0299 0x1644 AmdK8 - ok 17:20:24.0303 0x1644 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 17:20:24.0317 0x1644 AmdPPM - ok 17:20:24.0322 0x1644 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 17:20:24.0334 0x1644 amdsata - ok 17:20:24.0342 0x1644 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 17:20:24.0356 0x1644 amdsbs - ok 17:20:24.0360 0x1644 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 17:20:24.0370 0x1644 amdxata - ok 17:20:24.0374 0x1644 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 17:20:24.0439 0x1644 AppID - ok 17:20:24.0442 0x1644 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 17:20:24.0472 0x1644 AppIDSvc - ok 17:20:24.0477 0x1644 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll 17:20:24.0507 0x1644 Appinfo - ok 17:20:24.0512 0x1644 [ C484F8CEB1717C540242531DB7845C4E, 
C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 17:20:24.0523 0x1644 arc - ok 17:20:24.0530 0x1644 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 17:20:24.0541 0x1644 arcsas - ok 17:20:24.0545 0x1644 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:20:24.0576 0x1644 AsyncMac - ok 17:20:24.0580 0x1644 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 17:20:24.0588 0x1644 atapi - ok 17:20:24.0607 0x1644 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:20:24.0657 0x1644 AudioEndpointBuilder - ok 17:20:24.0676 0x1644 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 17:20:24.0722 0x1644 AudioSrv - ok 17:20:24.0763 0x1644 [ CCF9DED019BAD2701F39A140FC4D6C44, 15D37FF46C1C318FB3DB24B63FF944D0066510EF35753554F274841A7AC91BCC ] avc3 C:\Windows\system32\DRIVERS\avc3.sys 17:20:24.0827 0x1644 avc3 - ok 17:20:24.0840 0x1644 [ 3FC014DABD685F8958C89EAA35D77368, 3AF839E799E84D827FF841FFEEB9EBCE39E1491F47C4E37BE3F2BF30EAD05A48 ] avchv C:\Windows\system32\DRIVERS\avchv.sys 17:20:24.0860 0x1644 avchv - ok 17:20:24.0881 0x1644 [ 4D3ADB9A6B623D332F0D0ED39613BB04, 38EB4D920BB6C43A88C67BE750D0525033F8378DFF1EE542E33CDC0000568D59 ] avckf C:\Windows\system32\DRIVERS\avckf.sys 17:20:24.0908 0x1644 avckf - ok 17:20:24.0914 0x1644 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 17:20:24.0943 0x1644 AxInstSV - ok 17:20:24.0958 0x1644 [ 
3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 17:20:24.0984 0x1644 b06bdrv - ok 17:20:24.0994 0x1644 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 17:20:25.0014 0x1644 b57nd60a - ok 17:20:25.0031 0x1644 [ FA312E63A13E47722BE97C2A5ACFF3B2, B5198A1AF0C02691F250BEEE5CCEBE1A59079C65F944D77C7E0389EA7E131BEB ] BdDesktopParental C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe 17:20:25.0047 0x1644 BdDesktopParental - ok 17:20:25.0054 0x1644 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 17:20:25.0069 0x1644 BDESVC - ok 17:20:25.0075 0x1644 [ 9A9A632AA25D4B33BFA9D3202DEA0E87, 438FFDD092197BAFE86609D545E9218103F1BE25A49BF30C62E546BE3360C2CA ] BdfNdisf c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys 17:20:25.0089 0x1644 BdfNdisf - ok 17:20:25.0093 0x1644 [ EC80614A72BC7039D2B22E3DD6C15895, 932260AB126523428B884034162E3619E1B7FA13720F830783B592AAE825AC86 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys 17:20:25.0107 0x1644 bdfwfpf - ok 17:20:25.0113 0x1644 [ C0247341C1BCD7FF2742821D0AD7AFBC, EC2B246F3233302DB540394AC0F11F294CA16FB9E44110126CC9807BAC20EA35 ] bdfwfpf_pc C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys 17:20:25.0129 0x1644 bdfwfpf_pc - ok 17:20:25.0132 0x1644 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 17:20:25.0163 0x1644 Beep - ok 17:20:25.0185 0x1644 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 17:20:25.0218 0x1644 BFE - ok 17:20:25.0241 0x1644 [ 
1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 17:20:25.0296 0x1644 BITS - ok 17:20:25.0300 0x1644 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 17:20:25.0314 0x1644 blbdrive - ok 17:20:25.0344 0x1644 [ 093B1B419EF25B15D3A1CA6953F41AFB, 52B7AD47CE65BEA723ED361E67781E237EE85D71D8233BF965F69B1C6353ADE4 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 17:20:25.0858 0x1644 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic ( 1 ) 17:20:28.0262 0x1644 Detect skipped due to KSN trusted 17:20:28.0262 0x1644 Bluetooth Device Monitor - ok 17:20:28.0295 0x1644 [ 03A7341E94ACD92E0831336D4F3ACE92, B7BF8B549F2E1508E13568A735C20E799751143DE7D58728100E0EB527D39AC6 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 17:20:28.0664 0x1644 Bluetooth Media Service - detected UnsignedFile.Multi.Generic ( 1 ) 17:20:31.0088 0x1644 Detect skipped due to KSN trusted 17:20:31.0088 0x1644 Bluetooth Media Service - ok 17:20:31.0114 0x1644 [ A2EBF384ED105FED7D05C5465500EF2E, 07D38237B295D87FB3E2A3744B6AA9F8D0529FC0DE64B39A6B7ACC63803BB401 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 17:20:31.0447 0x1644 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic ( 1 ) 17:20:33.0868 0x1644 Detect skipped due to KSN trusted 17:20:33.0868 0x1644 Bluetooth OBEX Service - ok 17:20:33.0873 0x1644 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:20:33.0889 0x1644 bowser - ok 17:20:33.0893 0x1644 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 17:20:33.0908 0x1644 BrFiltLo - ok 17:20:33.0912 0x1644 [ 
B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 17:20:33.0929 0x1644 BrFiltUp - ok 17:20:33.0935 0x1644 [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser C:\Windows\System32\browser.dll 17:20:33.0974 0x1644 Browser - ok 17:20:33.0985 0x1644 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 17:20:34.0008 0x1644 Brserid - ok 17:20:34.0012 0x1644 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 17:20:34.0028 0x1644 BrSerWdm - ok 17:20:34.0031 0x1644 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 17:20:34.0044 0x1644 BrUsbMdm - ok 17:20:34.0048 0x1644 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 17:20:34.0060 0x1644 BrUsbSer - ok 17:20:34.0064 0x1644 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 17:20:34.0077 0x1644 BthEnum - ok 17:20:34.0082 0x1644 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 17:20:34.0100 0x1644 BTHMODEM - ok 17:20:34.0105 0x1644 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 17:20:34.0130 0x1644 BthPan - ok 17:20:34.0146 0x1644 [ 64C198198501F7560EE41D8D1EFA7952, 53CE5FDD1866FC8A0B91C7A620F7555D197488C4C8F3DEFD4398D8E3ED2AEBD0 ] BTHPORT 
C:\Windows\system32\Drivers\BTHport.sys 17:20:34.0174 0x1644 BTHPORT - ok 17:20:34.0179 0x1644 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 17:20:34.0211 0x1644 bthserv - ok 17:20:34.0215 0x1644 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 17:20:34.0230 0x1644 BTHUSB - ok 17:20:34.0234 0x1644 [ 16C1BAC9760C9FA85A30F3FA0FBB1B7A, 0A965D032CF7CCB7297A919D1554433CB57BF3D555B7A002E7A1059BE8AE74A0 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 17:20:34.0248 0x1644 btmaux - ok 17:20:34.0258 0x1644 [ 0C468D8DA95BE16BFDD380BB9DE88259, 954351C4F12C9C8A38A95ABE6315760EE2E833E207A7171E8C627A74D7C78608 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 17:20:34.0282 0x1644 btmhsf - ok 17:20:34.0288 0x1644 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:20:34.0320 0x1644 cdfs - ok 17:20:34.0327 0x1644 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:20:34.0342 0x1644 cdrom - ok 17:20:34.0349 0x1644 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 17:20:34.0380 0x1644 CertPropSvc - ok 17:20:34.0384 0x1644 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 17:20:34.0399 0x1644 circlass - ok 17:20:34.0411 0x1644 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 17:20:34.0428 0x1644 CLFS - ok 17:20:34.0439 0x1644 [ 524DC3807CB1746225F9D26ADD19C319, 
17:20:38.0734 0x1644 [ 71C6748EE8DE938532057EF10B4B7E44, 455175332156939B3CDA4511A2A6C213ABBFDB85EEECA98B6AB014C994F532C4 ] Micro Star SCM C:\Program Files (x86)\System Control Manager\MSIService.exe
17:20:38.0757 0x1644 Micro Star SCM - detected UnsignedFile.Multi.Generic ( 1 )
17:20:41.0152 0x1644 Detect skipped due to KSN trusted
17:20:41.0152 0x1644 Micro Star SCM - ok
- ok 17:20:44.0364 0x1644 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 17:20:44.0379 0x1644 pcmcia - ok 17:20:44.0383 0x1644 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 17:20:44.0394 0x1644 pcw - ok 17:20:44.0412 0x1644 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:20:44.0467 0x1644 PEAUTH - ok 17:20:44.0484 0x1644 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 17:20:44.0496 0x1644 PerfHost - ok 17:20:44.0534 0x1644 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 17:20:44.0612 0x1644 pla - ok 17:20:44.0626 0x1644 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:20:44.0653 0x1644 PlugPlay - ok 17:20:44.0657 0x1644 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 17:20:44.0672 0x1644 PNRPAutoReg - ok 17:20:44.0684 0x1644 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 17:20:44.0709 0x1644 PNRPsvc - ok 17:20:44.0726 0x1644 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:20:44.0776 0x1644 PolicyAgent - ok 17:20:44.0787 0x1644 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 17:20:44.0824 0x1644 Power - ok 
17:20:44.0830 0x1644 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:20:44.0871 0x1644 PptpMiniport - ok 17:20:44.0876 0x1644 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 17:20:44.0890 0x1644 Processor - ok 17:20:44.0898 0x1644 [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc C:\Windows\system32\profsvc.dll 17:20:44.0934 0x1644 ProfSvc - ok 17:20:44.0938 0x1644 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe 17:20:44.0951 0x1644 ProtectedStorage - ok 17:20:44.0957 0x1644 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 17:20:44.0993 0x1644 Psched - ok 17:20:45.0035 0x1644 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:20:45.0083 0x1644 ql2300 - ok 17:20:45.0090 0x1644 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:20:45.0104 0x1644 ql40xx - ok 17:20:45.0113 0x1644 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 17:20:45.0136 0x1644 QWAVE - ok 17:20:45.0140 0x1644 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:20:45.0157 0x1644 QWAVEdrv - ok 17:20:45.0160 0x1644 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd 
C:\Windows\system32\DRIVERS\rasacd.sys 17:20:45.0192 0x1644 RasAcd - ok 17:20:45.0198 0x1644 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 17:20:45.0230 0x1644 RasAgileVpn - ok 17:20:45.0236 0x1644 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 17:20:45.0272 0x1644 RasAuto - ok 17:20:45.0278 0x1644 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:20:45.0319 0x1644 Rasl2tp - ok 17:20:45.0333 0x1644 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 17:20:45.0373 0x1644 RasMan - ok 17:20:45.0379 0x1644 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:20:45.0419 0x1644 RasPppoe - ok 17:20:45.0427 0x1644 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:20:45.0464 0x1644 RasSstp - ok 17:20:45.0477 0x1644 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:20:45.0516 0x1644 rdbss - ok 17:20:45.0520 0x1644 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 17:20:45.0535 0x1644 rdpbus - ok 17:20:45.0538 0x1644 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:20:45.0569 0x1644 RDPCDD - ok 17:20:45.0574 0x1644 [ BB5971A4F00659529A5C44831AF22365, 
9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:20:45.0604 0x1644 RDPENCDD - ok 17:20:45.0608 0x1644 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 17:20:45.0638 0x1644 RDPREFMP - ok 17:20:45.0648 0x1644 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:20:45.0668 0x1644 RDPWD - ok 17:20:45.0676 0x1644 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 17:20:45.0691 0x1644 rdyboost - ok 17:20:45.0718 0x1644 [ A436F5E7D80BBDBB0826D0F176D5BEA8, 7862CE61F182C7613E34415C01AC1C228F79A45470CFD1D316DF2BD24EE09E3C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 17:20:45.0752 0x1644 RegSrvc - ok 17:20:45.0759 0x1644 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:20:45.0793 0x1644 RemoteAccess - ok 17:20:45.0801 0x1644 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:20:45.0841 0x1644 RemoteRegistry - ok 17:20:45.0849 0x1644 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 17:20:45.0870 0x1644 RFCOMM - ok 17:20:45.0884 0x1644 [ 0B169FE016039571ECC6DB70073F8979, B80663433919C3DE83A02E376E5B3020856C6E9E98B5773D316FD9C1C02C1417 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 17:20:45.0901 0x1644 RichVideo64 - ok 17:20:45.0907 0x1644 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper 
C:\Windows\System32\RpcEpMap.dll 17:20:45.0946 0x1644 RpcEptMapper - ok 17:20:45.0951 0x1644 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 17:20:45.0966 0x1644 RpcLocator - ok 17:20:45.0982 0x1644 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 17:20:46.0022 0x1644 RpcSs - ok 17:20:46.0027 0x1644 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:20:46.0059 0x1644 rspndr - ok 17:20:46.0070 0x1644 [ E54A5586A28D0630A79A68BBAB84BFCF, F6FBF1E4C64351CEB205DDCD17C35EA26439E98F3528F96AE326959A7C26B488 ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys 17:20:46.0085 0x1644 RSUSBVSTOR - ok 17:20:46.0096 0x1644 [ 4B42BC58294E83A6A92EC8B88C14C4A3, 80885CFF021F7BC85647224863A83D444EA7848CBB4F06DFDFADE58F47307D21 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 17:20:46.0115 0x1644 RTL8167 - ok 17:20:46.0137 0x1644 [ B3F36B4B3F192EA87DDC119F3A0B3E45, DE80502994ED9977AD64483385A0BC0C6060EA9E9C08645E72FBBCFE8B2358C7 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys 17:20:46.0172 0x1644 RTL8192su - ok 17:20:46.0176 0x1644 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe 17:20:46.0189 0x1644 SamSs - ok 17:20:46.0195 0x1644 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:20:46.0207 0x1644 sbp2port - ok 17:20:46.0215 0x1644 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:20:46.0253 0x1644 SCardSvr - ok 17:20:46.0258 0x1644 [ 253F38D0D7074C02FF8DEB9836C97D2B, 
CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 17:20:46.0291 0x1644 scfilter - ok 17:20:46.0322 0x1644 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 17:20:46.0390 0x1644 Schedule - ok 17:20:46.0396 0x1644 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 17:20:46.0425 0x1644 SCPolicySvc - ok 17:20:46.0433 0x1644 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:20:46.0451 0x1644 SDRSVC - ok 17:20:46.0455 0x1644 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:20:46.0487 0x1644 secdrv - ok 17:20:46.0491 0x1644 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 17:20:46.0521 0x1644 seclogon - ok 17:20:46.0526 0x1644 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 17:20:46.0559 0x1644 SENS - ok 17:20:46.0563 0x1644 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 17:20:46.0578 0x1644 SensrSvc - ok 17:20:46.0581 0x1644 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 17:20:46.0594 0x1644 Serenum - ok 17:20:46.0599 0x1644 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 17:20:46.0614 0x1644 Serial - ok 17:20:46.0618 0x1644 [ 
1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 17:20:46.0630 0x1644 sermouse - ok 17:20:46.0639 0x1644 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 17:20:46.0672 0x1644 SessionEnv - ok 17:20:46.0676 0x1644 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:20:46.0690 0x1644 sffdisk - ok 17:20:46.0693 0x1644 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:20:46.0707 0x1644 sffp_mmc - ok 17:20:46.0710 0x1644 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:20:46.0725 0x1644 sffp_sd - ok 17:20:46.0729 0x1644 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 17:20:46.0741 0x1644 sfloppy - ok 17:20:46.0752 0x1644 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:20:46.0795 0x1644 SharedAccess - ok 17:20:46.0808 0x1644 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:20:46.0853 0x1644 ShellHWDetection - ok 17:20:46.0858 0x1644 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 17:20:46.0868 0x1644 SiSRaid2 - ok 17:20:46.0873 0x1644 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 
C:\Windows\system32\drivers\sisraid4.sys 17:20:46.0885 0x1644 SiSRaid4 - ok 17:20:46.0895 0x1644 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 17:20:46.0916 0x1644 SkypeUpdate - ok 17:20:46.0922 0x1644 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:20:46.0956 0x1644 Smb - ok 17:20:46.0963 0x1644 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:20:46.0977 0x1644 SNMPTRAP - ok 17:20:46.0982 0x1644 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 17:20:46.0991 0x1644 spldr - ok 17:20:47.0009 0x1644 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe 17:20:47.0052 0x1644 Spooler - ok 17:20:47.0133 0x1644 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 17:20:47.0260 0x1644 sppsvc - ok 17:20:47.0269 0x1644 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 17:20:47.0301 0x1644 sppuinotify - ok 17:20:47.0318 0x1644 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 17:20:47.0343 0x1644 srv - ok 17:20:47.0356 0x1644 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:20:47.0379 0x1644 srv2 - ok 17:20:47.0387 0x1644 [ 27E461F0BE5BFF5FC737328F749538C3, 
AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:20:47.0404 0x1644 srvnet - ok 17:20:47.0412 0x1644 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:20:47.0448 0x1644 SSDPSRV - ok 17:20:47.0453 0x1644 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:20:47.0487 0x1644 SstpSvc - ok 17:20:47.0491 0x1644 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 17:20:47.0501 0x1644 stexstor - ok 17:20:47.0519 0x1644 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 17:20:47.0554 0x1644 stisvc - ok 17:20:47.0558 0x1644 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 17:20:47.0567 0x1644 swenum - ok 17:20:47.0583 0x1644 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 17:20:47.0629 0x1644 swprv - ok 17:20:47.0666 0x1644 [ F4DB1D9E6A42D491F0F8E21854301C0B, 7B038121D85D7C147C2FA8D5D34BF44B8792E7CD6E468C9884A109A0B6C9E84A ] SynTP C:\Windows\system32\drivers\SynTP.sys 17:20:47.0709 0x1644 SynTP - ok 17:20:47.0752 0x1644 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 17:20:47.0820 0x1644 SysMain - ok 17:20:47.0826 0x1644 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:20:47.0845 0x1644 TabletInputService - ok 17:20:47.0855 0x1644 [ 
40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 17:20:47.0893 0x1644 TapiSrv - ok 17:20:47.0898 0x1644 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 17:20:47.0931 0x1644 TBS - ok 17:20:47.0979 0x1644 [ FC62769E7BFF2896035AEED399108162, 82170042482E6D843F96D52AF6920F172B1D46D03456EF2E66C1D919EE0E3B46 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:20:48.0039 0x1644 Tcpip - ok 17:20:48.0087 0x1644 [ FC62769E7BFF2896035AEED399108162, 82170042482E6D843F96D52AF6920F172B1D46D03456EF2E66C1D919EE0E3B46 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:20:48.0138 0x1644 TCPIP6 - ok 17:20:48.0144 0x1644 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:20:48.0175 0x1644 tcpipreg - ok 17:20:48.0179 0x1644 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:20:48.0192 0x1644 TDPIPE - ok 17:20:48.0197 0x1644 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:20:48.0208 0x1644 TDTCP - ok 17:20:48.0213 0x1644 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:20:48.0245 0x1644 tdx - ok 17:20:48.0250 0x1644 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 17:20:48.0260 0x1644 TermDD - ok 17:20:48.0279 0x1644 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 17:20:48.0329 0x1644 TermService - ok 17:20:48.0334 
0x1644 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 17:20:48.0352 0x1644 Themes - ok 17:20:48.0356 0x1644 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 17:20:48.0386 0x1644 THREADORDER - ok 17:20:48.0392 0x1644 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 17:20:48.0425 0x1644 TrkWks - ok 17:20:48.0441 0x1644 [ FE3D70DE933A481284FCE7D5DB5DCE50, A2A1C6AEED6417FCEE5990CD766B2A78D9037583B57617418242D98C031617F2 ] trufos C:\Windows\system32\DRIVERS\trufos.sys 17:20:48.0463 0x1644 trufos - ok 17:20:48.0471 0x1644 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:20:48.0505 0x1644 TrustedInstaller - ok 17:20:48.0511 0x1644 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:20:48.0540 0x1644 tssecsrv - ok 17:20:48.0544 0x1644 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:20:48.0558 0x1644 TsUsbFlt - ok 17:20:48.0562 0x1644 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 17:20:48.0574 0x1644 TsUsbGD - ok 17:20:48.0580 0x1644 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:20:48.0611 0x1644 tunnel - ok 17:20:48.0616 0x1644 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 
C:\Windows\system32\drivers\uagp35.sys 17:20:48.0627 0x1644 uagp35 - ok 17:20:48.0638 0x1644 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:20:48.0676 0x1644 udfs - ok 17:20:48.0684 0x1644 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:20:48.0698 0x1644 UI0Detect - ok 17:20:48.0702 0x1644 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:20:48.0713 0x1644 uliagpkx - ok 17:20:48.0717 0x1644 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:20:48.0730 0x1644 umbus - ok 17:20:48.0734 0x1644 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 17:20:48.0745 0x1644 UmPass - ok 17:20:48.0760 0x1644 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 17:20:48.0797 0x1644 UMVPFSrv - ok 17:20:48.0812 0x1644 [ 2B196F965F60E1DFC44DEE902B2883F1, E5C95928EE2FE821E66A84E98DACE3C8D1075BF30451661CDC27245BF30B3282 ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe 17:20:48.0824 0x1644 UPDATESRV - ok 17:20:48.0836 0x1644 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 17:20:48.0878 0x1644 upnphost - ok 17:20:48.0885 0x1644 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:20:48.0903 0x1644 usbaudio - ok 17:20:48.0908 0x1644 [ 
6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:20:48.0925 0x1644 usbccgp - ok 17:20:48.0931 0x1644 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:20:48.0948 0x1644 usbcir - ok 17:20:48.0953 0x1644 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\drivers\usbehci.sys 17:20:48.0967 0x1644 usbehci - ok 17:20:48.0979 0x1644 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:20:49.0000 0x1644 usbhub - ok 17:20:49.0003 0x1644 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:20:49.0014 0x1644 usbohci - ok 17:20:49.0019 0x1644 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 17:20:49.0033 0x1644 usbprint - ok 17:20:49.0038 0x1644 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:20:49.0054 0x1644 USBSTOR - ok 17:20:49.0057 0x1644 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 17:20:49.0069 0x1644 usbuhci - ok 17:20:49.0077 0x1644 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 17:20:49.0095 0x1644 usbvideo - ok 17:20:49.0099 0x1644 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 
17:20:49.0129 0x1644 UxSms - ok 17:20:49.0133 0x1644 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc C:\Windows\system32\lsass.exe 17:20:49.0145 0x1644 VaultSvc - ok 17:20:49.0150 0x1644 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 17:20:49.0159 0x1644 vdrvroot - ok 17:20:49.0175 0x1644 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 17:20:49.0223 0x1644 vds - ok 17:20:49.0228 0x1644 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:20:49.0242 0x1644 vga - ok 17:20:49.0246 0x1644 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 17:20:49.0276 0x1644 VgaSave - ok 17:20:49.0286 0x1644 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 17:20:49.0300 0x1644 vhdmp - ok 17:20:49.0304 0x1644 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 17:20:49.0316 0x1644 viaide - ok 17:20:49.0321 0x1644 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:20:49.0332 0x1644 volmgr - ok 17:20:49.0346 0x1644 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:20:49.0365 0x1644 volmgrx - ok 17:20:49.0376 0x1644 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap 
17:21:04.0221 0x1644 Waiting for KSN requests completion. In queue: 9
17:21:05.0240 0x1644 AV detected via SS2: Bitdefender Antivirus, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 19.4.0.216 ), 0x41000 ( enabled : updated )
17:21:05.0242 0x1644 FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe ( 19.4.0.216 ), 0x41010 ( enabled )
17:21:07.0641 0x1644 ============================================================
17:21:07.0641 0x1644 Scan finished
17:21:07.0641 0x1644 ============================================================
17:21:07.0648 0x1b9c Detected object count: 1
17:21:07.0648 0x1b9c Actual detected object count: 1
17:21:32.0549 0x1b9c MGSysCtrl ( UnsignedFile.Multi.Generic ) - skipped by user
17:21:32.0549 0x1b9c MGSysCtrl ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
19.01.2016, 16:55 | #4 |
/// TB-Ausbilder | Am I part of a botnet? Hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. |
19.01.2016, 23:38 | #5 |
| Am I part of a botnet? Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main: v2016.01.19.03
  rootkit: v2016.01.09.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Marc :: MARC-PC [administrator]

19.01.2016 17:06:24
mbar-log-2016-01-19 (17-06-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 333981
Time elapsed: 8 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
|
20.01.2016, 16:55 | #6 |
/// TB-Ausbilder | Am I part of a botnet? Hi, so far there is no sign of a botnet... Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please shut down your protection software to avoid possible conflicts.
Step 4
Please post with your next reply
|
23.01.2016, 13:13 | #7 |
/// TB-Ausbilder | Am I part of a botnet? No response. This topic has been removed from my subscriptions, so I will not receive notifications about new replies. PM me if you still want to continue. Note: The disappearance of the symptoms does not mean that your computer is clean. Everyone else, please click here and create your own thread! |