Log analysis and evaluation: A memory modification was detected... (AviraPro) - hidden driver
Windows 7
30.07.2016, 12:54 | #1 |
A memory modification was detected... (AviraPro) - hidden driver

For about a week I have repeatedly been getting the following notice during the AviraScan:

Der Suchlauf nach versteckten Objekten wird begonnen.
Versteckter Treiber
[HINWEIS] Eine Speicherveränderung wurde entdeckt, die möglicherweise zur versteckten Dateizugriffen missbraucht werden könnte.

Yesterday I ran MBAM:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 29.07.2016
Suchlaufzeit: 13:22
Protokolldatei:
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.29.05
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Frank

Suchlauftyp: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 644330
Abgelaufene Zeit: 2 Std., 56 Min., 13 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
Antivirus Pro
Erstellungsdatum der Reportdatei: Dienstag, 26. Juli 2016 19:12

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : XXX
Seriennummer : XXX
Plattform : Windows 7 Professional
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : Frank
Computername : FRANK-PC

Versionsinformationen:
build.dat : 15.0.18.354 92460 Bytes 18.07.2016 16:23:00
AVSCAN.EXE : 15.0.18.351 1273416 Bytes 26.07.2016 15:18:09
AVSCANRC.DLL : 15.0.18.303 66256 Bytes 26.07.2016 15:18:09
LUKE.DLL : 15.0.18.341 70376 Bytes 26.07.2016 15:18:32
AVSCPLR.DLL : 15.0.18.351 134272 Bytes 26.07.2016 15:18:10
REPAIR.DLL : 15.0.18.342 672480 Bytes 26.07.2016 15:18:07
repair.rdf : 1.0.18.90 1705783 Bytes 21.07.2016 16:16:33
AVREG.DLL : 15.0.18.351 352656 Bytes 26.07.2016 15:18:07
avlode.dll : 15.0.18.351 734280 Bytes 26.07.2016 15:18:05
avlode.rdf : 14.0.5.44 101841 Bytes 18.07.2016 09:13:31
Engineversion : 8.3.40.102
AEBB.DLL : 8.1.3.0 59296 Bytes 04.04.2016 15:07:22
AECORE.DLL : 8.3.12.4 247720 Bytes 04.04.2016 15:07:22
AECRYPTO.DLL : 8.2.0.2 128936 Bytes 24.05.2016 18:17:59
AEDROID.DLL : 8.4.3.364 2717608 Bytes 30.06.2016 16:26:38
AEEMU.DLL : 8.1.3.8 404328 Bytes 04.04.2016 15:07:22
AEEXP.DLL : 8.4.2.194 306032 Bytes 06.07.2016 13:41:49
AEGEN.DLL : 8.1.8.130 551792 Bytes 30.06.2016 16:26:30
AEHELP.DLL : 8.3.2.10 284584 Bytes 04.04.2016 15:07:22
AEHEUR.DLL : 8.1.4.2404 10409896 Bytes 21.07.2016 13:12:47
AELIBINF.DLL : 8.2.1.4 68464 Bytes 24.05.2016 18:18:00
AEMOBILE.DLL : 8.1.8.10 301936 Bytes 04.04.2016 15:07:22
AEOFFICE.DLL : 8.3.5.12 490352 Bytes 25.07.2016 11:12:15
AEPACK.DLL : 8.4.2.18 804776 Bytes 04.07.2016 14:00:44
AERDL.DLL : 8.2.1.44 812960 Bytes 30.06.2016 16:26:36
AESBX.DLL : 8.2.22.4 1633128 Bytes 20.06.2016 13:40:34
AESCN.DLL : 8.3.4.6 141216 Bytes 24.05.2016 18:17:58
AESCRIPT.DLL : 8.3.0.200 640936 Bytes 25.07.2016 11:12:15
AEVDF.DLL : 8.3.3.4 142184 Bytes 04.04.2016 15:07:22
AVWINLL.DLL : 15.0.18.303 27680 Bytes 26.07.2016 15:18:01
AVPREF.DLL : 15.0.18.303 53944 Bytes 26.07.2016 15:18:06
AVREP.DLL : 15.0.18.303 224912 Bytes 26.07.2016 15:18:07
AVARKT.DLL : 15.0.18.303 231592 Bytes 26.07.2016 15:18:01
SQLITE3.DLL : 15.0.18.303 461264 Bytes 26.07.2016 15:18:36
AVSMTP.DLL : 15.0.18.303 81712 Bytes 26.07.2016 15:18:10
NETNT.DLL : 15.0.18.303 16880 Bytes 26.07.2016 15:18:32
CommonImageRc.dll: 15.0.18.328 4306296 Bytes 26.07.2016 15:18:01
CommonTextRc.dll: 15.0.18.303 69888 Bytes 26.07.2016 15:18:01

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Prüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\Antivirus\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Ignorieren
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, E:, F:, G:, H:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: ein
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Auszulassende Dateien.................: 5.18, g:\adwcleaner_5.118(1).exe,
Abweichende Gefahrenkategorien........: +APPL,+SPR,

Beginn des Suchlaufs: Dienstag, 26. Juli 2016 19:12

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, E:, F:, G:)'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'HDD1(D:, H:)'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Versteckter Treiber
[HINWEIS] Eine Speicherveränderung wurde entdeckt, die möglicherweise zur versteckten Dateizugriffen missbraucht werden könnte.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'hmpalert.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '144' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'SbieSvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'hmpalert.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '221' Modul(e) wurden durchsucht
Durchsuche Prozess 'SASCORE64.EXE' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'Fuel.Service.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '141' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'Everything.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'IGDCTRL.EXE' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'McSACore.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'plays_service.exe' - '107' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'vds.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'oodiag.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'avmailc7.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'vdsldr.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'avwebg7.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.ServiceHost.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '123' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'BCUSched.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPSupportSolutionsFrameworkService.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '155' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdateChecker.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'StCenter.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '148' Modul(e) wurden durchsucht
Durchsuche Prozess 'thunderbird.exe' - '128' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '32' Modul(e) wurden durchsucht

Ende des Suchlaufs: Dienstag, 26. Juli 2016 19:36
Benötigte Zeit: 23:31 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

0 Verzeichnisse wurden überprüft
4509 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
4509 Dateien ohne Befall
2 Archive wurden durchsucht
0 Warnungen
1 Hinweise
1293506 Objekte wurden beim Rootkitscan durchsucht
1 Versteckte Objekte wurden gefunden

buju
Posts: 398
Registered: Thu 4 Sep 2014, 19:56
Location: Rheinland
Operating system: win7prof.64bit
Virus scanner: Avira Antivirus Pro

FRST Logfile:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016 durchgeführt von Frank (Administrator) auf FRANK-PC (30-07-2016 13:14:47) Gestartet von G:\ Geladene Profile: Frank & (Verfügbare Profile: Frank) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (AMD) C:\Windows\System32\atiesrxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files\Everything\Everything.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe (AVM Berlin) C:\Program Files\FRITZ!DSL\StCenter.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Windows\System32\vdsldr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (AVAST Software) C:\Users\Frank\AppData\Roaming\AVAST Software\Browser Cleanup\bcusched.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831064 2016-07-26] (Avira Operations GmbH & Co. KG) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) 
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [695808 2014-09-10] (FileHippo.com) HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\...\MountPoints2: I - I:\wubi.exe HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\...\MountPoints2: J - J:\CheckID.exe HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\...\MountPoints2: {c0b3c385-af1b-11e5-970f-00248c5d616e} - K:\AutoRun.exe HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\...\MountPoints2: {fab6be2b-8d34-11df-a149-806e6f6e6963} - J:\BlueBirds.exe HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [695808 2014-09-10] (FileHippo.com) HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: I - I:\wubi.exe 
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: J - J:\CheckID.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {c0b3c385-af1b-11e5-970f-00248c5d616e} - K:\AutoRun.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fab6be2b-8d34-11df-a149-806e6f6e6963} - J:\BlueBirds.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [695808 2014-09-10] (FileHippo.com)
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: I - I:\wubi.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: J - J:\CheckID.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {c0b3c385-af1b-11e5-970f-00248c5d616e} - K:\AutoRun.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {fab6be2b-8d34-11df-a149-806e6f6e6963} - J:\BlueBirds.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [695808 2014-09-10] (FileHippo.com)
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: I - I:\wubi.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: J - J:\CheckID.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: {c0b3c385-af1b-11e5-970f-00248c5d616e} - K:\AutoRun.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: {fab6be2b-8d34-11df-a149-806e6f6e6963} - J:\BlueBirds.exe
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2014-12-10] (O&O Software GmbH)
Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Startcenter.lnk [2016-02-15]
ShortcutTarget: FRITZ!DSL Startcenter.lnk -> C:\Program Files\FRITZ!DSL\StCenter.exe (AVM Berlin)
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472 2009-07-28] (AVM Berlin)
Winsock: Catalog5-x64 07 C:\Program Files\FRITZ!DSL\\sarah.dll [34104 2009-07-28] (AVM Berlin)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6909EDB7-AFA7-4AD1-8552-36F0F8E19866}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{7845BEFB-AE93-4BFC-9838-8BE727E59F75}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{F53BD241-BD11-477D-AA45-2FD4479C065E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001 -> DefaultScope {F3071064-D2A6-4216-8FBF-8E88D3EBF4E6} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C010DE0D20151203&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001 -> {4516DFA7-B9DA-46F8-A1B2-626401F309AF} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001 -> {F3071064-D2A6-4216-8FBF-8E88D3EBF4E6} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C010DE0D20151203&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {F3071064-D2A6-4216-8FBF-8E88D3EBF4E6} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C010DE0D20151203&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {4516DFA7-B9DA-46F8-A1B2-626401F309AF} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F3071064-D2A6-4216-8FBF-8E88D3EBF4E6} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C010DE0D20151203&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {F3071064-D2A6-4216-8FBF-8E88D3EBF4E6} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C010DE0D20151203&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {4516DFA7-B9DA-46F8-A1B2-626401F309AF} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {F3071064-D2A6-4216-8FBF-8E88D3EBF4E6} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C010DE0D20151203&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> DefaultScope {F3071064-D2A6-4216-8FBF-8E88D3EBF4E6} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C010DE0D20151203&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {4516DFA7-B9DA-46F8-A1B2-626401F309AF} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {F3071064-D2A6-4216-8FBF-8E88D3EBF4E6} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C010DE0D20151203&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-06] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-06] (Microsoft Corporation)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Handler: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - Keine Datei
Handler: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Keine Datei
Handler: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Keine Datei
Handler: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Keine Datei
Handler: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Keine Datei
Handler: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Keine Datei
Handler: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Keine Datei
Handler: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-06] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-11] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default
FF DefaultSearchEngine: Bing®
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Bing®
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Session Restore: -> ist aktiviert.
FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=mcafee&type=C110DE91020D20130927&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-07-14] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll [2010-01-04] (Logitech Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-07-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-05]
FF Extension: WOT - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\adblockpopups@jessehakanen.net.xpi [2016-04-27]
FF Extension: Dictionary (EN/DE) - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\dictlookup@arnhold.com.xpi [2016-04-27]
FF Extension: Google Translator for Firefox - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\translator@zoli.bod.xpi [2016-04-27]
FF Extension: Adblock Plus Filter Uploader - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\uploader@adblockfilters.mozdev.org.xpi [2016-04-27]
FF Extension: Disconnect - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\2.0@disconnect.me.xpi [2016-04-27]
FF Extension: BetterPrivacy - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-05-04]
FF Extension: SafeInCloud Password Manager - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\info@safe-in-cloud.com.xpi [2016-05-05]
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF Extension: ImTranslator - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2016-07-19]
FF Extension: HTTPS-Everywhere - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\https-everywhere@eff.org [2016-07-21]
FF Extension: NoScript - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-07-26]
FF Extension: FRITZ!Box AddOn - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\extensions\fb_add_on@avm.de [2015-04-05] [ist nicht signiert]
FF Extension: Another Restart - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\@anotherrestart.xpi [2016-04-27]
FF Extension: Autofill Forms - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\autofillForms@blueimp.net.xpi [2016-07-06]
FF Extension: Add-on Compatibility Reporter - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\compatibility@addons.mozilla.org.xpi [2016-07-28]
FF Extension: cyscon Security Shield - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\cyscon-phishing-protection@patugo.com.xpi [2015-11-23]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\elemhidehelper@adblockplus.org.xpi [2016-05-03]
FF Extension: SimilarWeb - Site Traffic Sources and Ranking - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\FirefoxAddon@similarWeb.com.xpi [2016-04-17]
FF Extension: SSL Version Control - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\jid1-ZM3BerwS6FsQAg@jetpack.xpi [2015-04-25]
FF Extension: Open With - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\openwith@darktrojan.net.xpi [2016-06-18]
FF Extension: Personas Plus - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\personas@christopher.beard.xpi [2016-07-28]
FF Extension: Turn Off the Lights - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\stefanvandamme@stefanvd.net.xpi [2016-04-30]
FF Extension: PDF Viewer - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\uriloader@pdf.js.xpi [2016-04-27]
FF Extension: YouTube to MP3 - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\youtube2mp3@mondayx.de.xpi [2016-04-27]
FF Extension: Flagfox - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-07-21]
FF Extension: FlashGot - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-03-28]
FF Extension: Show File Size - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{1aE2D8ED-8CDc-5811-8eA1-89F53739A750}.xpi [2011-04-12] [ist nicht signiert]
FF Extension: AniWeather - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-27]
FF Extension: FoxyTunes - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374} [2012-03-02] [ist nicht signiert]
FF Extension: Cookie Cutter - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{4d14a68e-9a97-4358-8603-ed67b332cef1}.xpi [2016-04-27]
FF Extension: ReloadEvery - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2016-03-28]
FF Extension: Password Exporter - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2016-05-05]
FF Extension: Fasterfox - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-04-27]
FF Extension: Heartbleed-Ext - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{CB454AEB-2F60-4441-ADEB-2CB43BB33B20}.xpi [2016-04-27]
FF Extension: Adblock Plus - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: Download Statusbar - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2016-04-27]
FF Extension: Tab Mix Plus - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-06-04]
FF Extension: DownThemAll! - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-04-14]
FF Extension: Torbutton - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi [2012-10-11] [ist nicht signiert]
FF Extension: Download Manager Tweak - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ojd1pbgf.default\Extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}.xpi [2016-03-29]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-10-27] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-06-28]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C210DE0D20151203&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-22]
CHR Extension: (Google Docs) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-22]
CHR Extension: (Google Drive) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-22]
CHR Extension: (YouTube) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-22]
CHR Extension: (Google Tabellen) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-22]
CHR Extension: (SiteAdvisor) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-04-22]
CHR Extension: (Google Docs Offline) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-22]
CHR Extension: (Google Mail) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-22]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-28]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-28]

Opera:
=======
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe
StartMenuInternet: (HKLM) OperaNext - C:\Program Files\Opera Next x64\Opera.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-07-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [472112 2016-07-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [472112 2016-07-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1453696 2016-07-26] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384 2016-07-11] (Avira Operations GmbH & Co. KG)
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4764304 2016-07-26] (SurfRight B.V.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Users\Frank\AppData\Local\Temp\7zS5093\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-07-04] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-07-11] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7704312 2014-12-10] (O&O Software GmbH)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-07] (Plays.tv, LLC)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-15] (Sandboxie Holdings, LLC)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2011-02-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2011-02-05] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-24] (Avira Operations GmbH & Co. KG)
R1 Beep; C:\Windows\SysWow64\Drivers\Beep.sys [6656 2014-12-11] (Microsoft Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [245288 2016-07-26] (SurfRight B.V.)
R3 hmpnet; C:\Windows\system32\drivers\hmpnet.sys [82864 2016-07-26] (SurfRight B.V.)
R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2016-07-30] (Malwarebytes)
S3 MEMSWEEP2; C:\Windows\system32\9030.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2014-12-10] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2014-12-10] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2014-12-10] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2014-12-10] (O&O Software GmbH)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)
S3 SIVDRIVER; C:\Windows\system32\Drivers\SIVX64.sys [87616 2010-09-14] (Ray Hinchliffe)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1235968 2010-07-13] (VIA Technologies, Inc.) [Datei ist nicht signiert]
R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2012-04-26] (Acronis)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]
U3 JavaQuickStarterService; kein ImagePath
S3 PROCEXP151; \??\C:\Windows\system32\Drivers\PROCEXP151.SYS [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011a\WNt500x64\Sandra.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-30 13:14 - 2016-07-30 13:14 - 00000000 ____D C:\FRST
2016-07-27 16:34 - 2016-07-27 16:35 - 00000600 _____ C:\Users\Frank\AppData\Local\PUTTY.RND
2016-07-27 16:28 - 2016-07-27 21:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-22 15:45 - 2016-06-10 20:51 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-07-22 15:45 - 2016-06-10 20:51 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-07-22 15:45 - 2016-06-10 20:46 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-07-22 15:45 - 2016-06-10 20:46 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-07-22 15:45 - 2016-06-10 17:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-07-22 15:45 - 2016-06-10 17:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-07-22 15:45 - 2016-06-10 17:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-07-22 15:45 - 2016-06-10 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-07-22 15:45 - 2016-06-10 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-07-22 15:45 - 2016-06-10 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-07-22 15:45 - 2016-06-10 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-07-22 15:45 - 2016-06-10 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-07-22 15:45 - 2016-06-10 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-07-22 15:45 - 2016-06-10 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-07-22 15:45 - 2016-06-06 18:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-07-22 15:45 - 2016-06-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-07-22 15:45 - 2016-06-06 18:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-07-22 15:45 - 2016-06-06 18:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-07-22 15:45 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-07-22 15:45 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-07-22 15:45 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-07-22 15:45 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 
2016-07-21 12:33 - 2016-07-27 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autorun Organizer 2016-07-21 12:33 - 2016-07-27 11:18 - 00000000 ____D C:\Program Files (x86)\Autorun Organizer 2016-07-20 11:27 - 2016-07-20 11:27 - 00001836 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2016-07-19 19:45 - 2016-07-19 19:45 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Steganos 2016-07-18 23:00 - 2016-07-18 23:00 - 00001781 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-07-18 23:00 - 2016-07-18 23:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-07-18 23:00 - 2016-07-18 23:00 - 00000000 ____D C:\Program Files\iTunes 2016-07-18 23:00 - 2016-07-18 23:00 - 00000000 ____D C:\Program Files\iPod 2016-07-18 23:00 - 2016-07-18 23:00 - 00000000 ____D C:\Program Files (x86)\iTunes 2016-07-18 13:53 - 2016-07-18 13:53 - 00016384 _____ C:\Windows\SysWOW64\�s� 2016-07-14 13:05 - 2016-07-14 13:05 - 00016384 _____ C:\Windows\SysWOW64\�ӥ 2016-07-14 10:16 - 2016-07-14 10:16 - 00016384 _____ C:\Windows\SysWOW64\�R� 2016-07-12 22:28 - 2016-07-12 22:30 - 52437728 _____ (Microsoft Corporation) C:\Users\Frank\Downloads\Windows-KB890830-x64-v5.38.exe 2016-07-12 19:08 - 2016-06-11 08:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-07-12 19:08 - 2016-06-11 06:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-07-12 19:08 - 2016-06-10 23:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-07-12 19:08 - 2016-06-10 23:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-07-12 19:08 - 2016-06-10 23:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-07-12 19:08 - 2016-06-10 23:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-07-12 19:08 - 2016-06-10 23:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 
2016-07-12 19:08 - 2016-06-10 23:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-07-12 19:08 - 2016-06-10 23:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-07-12 19:08 - 2016-06-10 23:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-07-12 19:08 - 2016-06-10 23:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-07-12 19:08 - 2016-06-10 23:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-07-12 19:08 - 2016-06-10 23:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-07-12 19:08 - 2016-06-10 23:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-07-12 19:08 - 2016-06-10 23:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-07-12 19:08 - 2016-06-10 23:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-07-12 19:08 - 2016-06-10 23:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-07-12 19:08 - 2016-06-10 23:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-07-12 19:08 - 2016-06-10 22:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-07-12 19:08 - 2016-06-10 22:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-07-12 19:08 - 2016-06-10 22:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-07-12 19:08 - 2016-06-10 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-07-12 19:08 - 2016-06-10 22:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-07-12 19:08 - 2016-06-10 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-07-12 19:08 - 2016-06-10 22:34 - 00092160 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtmled.dll 2016-07-12 19:08 - 2016-06-10 22:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-07-12 19:08 - 2016-06-10 22:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-07-12 19:08 - 2016-06-10 22:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-07-12 19:08 - 2016-06-10 22:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-07-12 19:08 - 2016-06-10 22:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-07-12 19:08 - 2016-06-10 22:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-07-12 19:08 - 2016-06-10 22:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-07-12 19:08 - 2016-06-10 21:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-07-12 19:08 - 2016-06-10 21:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-07-12 19:08 - 2016-06-10 21:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-07-12 19:08 - 2016-06-10 21:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-07-12 19:08 - 2016-06-10 21:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-07-12 19:08 - 2016-06-10 20:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-07-12 19:08 - 2016-06-10 20:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-07-12 19:08 - 2016-06-10 20:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-07-12 19:08 - 2016-06-10 20:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-07-12 19:08 - 2016-06-10 20:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-07-12 19:08 - 2016-06-10 20:47 - 02287104 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iertutil.dll 2016-07-12 19:08 - 2016-06-10 20:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-07-12 19:08 - 2016-06-10 20:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-07-12 19:08 - 2016-06-10 20:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-07-12 19:08 - 2016-06-10 20:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-07-12 19:08 - 2016-06-10 20:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-07-12 19:08 - 2016-06-10 20:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-07-12 19:08 - 2016-06-10 20:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-07-12 19:08 - 2016-06-10 20:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-07-12 19:08 - 2016-06-10 20:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-07-12 19:08 - 2016-06-10 20:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-07-12 19:08 - 2016-06-10 20:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-07-12 19:08 - 2016-06-10 20:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-07-12 19:08 - 2016-06-10 20:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-07-12 19:08 - 2016-06-10 20:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-07-12 19:08 - 2016-06-10 20:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-07-12 19:08 - 2016-06-10 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-07-12 19:08 - 2016-06-10 20:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-07-12 19:08 - 2016-06-10 20:09 - 02055680 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\inetcpl.cpl 2016-07-12 19:08 - 2016-06-10 20:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-07-12 19:08 - 2016-06-10 19:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-07-12 19:08 - 2016-06-10 19:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-07-12 19:08 - 2016-06-10 19:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-07-12 19:08 - 2016-06-10 19:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-07-12 19:07 - 2016-06-26 02:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-07-12 19:07 - 2016-06-26 02:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-07-12 19:07 - 2016-06-26 02:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-07-12 19:07 - 2016-06-26 02:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-07-12 19:07 - 2016-06-26 02:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2016-07-12 19:07 - 2016-06-25 21:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-07-12 19:07 - 2016-06-25 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2016-07-12 19:07 - 2016-06-25 21:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2016-07-12 19:07 - 2016-06-25 21:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2016-07-12 19:07 - 2016-06-25 21:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe 2016-07-12 19:07 - 2016-06-14 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-07-06 21:11 - 2016-07-06 21:11 - 00000000 ___RD C:\Users\Frank\Documents\Notes 2016-07-06 15:50 - 2016-07-06 15:50 - 00016384 _____ C:\Windows\SysWOW64\ХQ 2016-07-04 20:11 - 2016-07-04 20:11 - 00016384 _____ 
C:\Windows\SysWOW64\��{ 2016-07-02 12:39 - 2016-07-02 12:39 - 00023552 _____ C:\Users\Frank\Desktop\Kalkulation SGBXII 09.2016.xls 2016-07-01 18:47 - 2016-07-01 18:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-07-01 15:44 - 2016-07-01 15:44 - 00016384 _____ C:\Windows\SysWOW64\�� 2016-07-01 15:43 - 2016-07-01 15:43 - 00016384 _____ C:\Windows\SysWOW64\@�� 2016-07-01 11:22 - 2016-07-30 10:57 - 00000000 ____D C:\AdwCleaner ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-07-30 13:14 - 2009-07-14 06:45 - 00039168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-07-30 13:14 - 2009-07-14 06:45 - 00039168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-07-30 13:12 - 2016-05-12 13:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-07-30 13:05 - 2014-11-22 12:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-30 12:28 - 2015-05-12 16:14 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-07-30 12:01 - 2010-07-22 12:52 - 00000000 ____D C:\Users\Frank\SecurityScans 2016-07-30 11:10 - 2009-07-14 19:58 - 00712396 _____ C:\Windows\system32\perfh007.dat 2016-07-30 11:10 - 2009-07-14 19:58 - 00155486 _____ C:\Windows\system32\perfc007.dat 2016-07-30 11:10 - 2009-07-14 07:13 - 01651750 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-30 11:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-07-30 11:05 - 2014-11-22 12:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-07-30 11:01 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew 2016-07-30 10:45 - 2013-05-26 11:16 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-07-30 10:24 - 2015-04-23 21:04 - 00192216 _____ (Malwarebytes) 
C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-07-30 09:55 - 2015-04-23 15:02 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-07-30 09:54 - 2013-01-31 10:01 - 03655339 _____ C:\Users\Frank\DesktopStCenter.txt 2016-07-29 22:48 - 2010-07-13 13:20 - 00000000 ____D C:\Users\Frank\Desktop\Desktop-Verknüpfungen 2016-07-29 22:17 - 2015-07-31 21:19 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Everything 2016-07-29 20:49 - 2010-07-12 00:26 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9BF24741-F31D-497E-99B0-81A7BDC04EA7} 2016-07-29 18:23 - 2013-09-01 15:46 - 00000000 ____D C:\ProgramData\HitmanPro.Alert 2016-07-29 18:23 - 2011-06-06 12:36 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2016-07-29 18:23 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-07-29 16:35 - 2011-08-26 16:53 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashDumps 2016-07-29 16:33 - 2010-07-13 16:58 - 00000000 ____D C:\Users\Frank\Documents\CCleaner 2016-07-29 16:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2016-07-29 13:26 - 2011-04-12 14:01 - 00000000 ___RD C:\Users\Frank\Virtual Machines 2016-07-29 12:50 - 2016-01-07 22:00 - 00000000 ____D C:\EEK 2016-07-29 11:00 - 2014-11-22 12:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-07-29 11:00 - 2014-11-22 12:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-07-28 16:52 - 2012-11-25 10:38 - 00636928 _____ C:\Users\Frank\Documents\Frank.stb 2016-07-28 13:41 - 2016-06-05 19:44 - 00023552 _____ C:\Users\Frank\Desktop\Kalkulation SGBXII 08.2016.xls 2016-07-27 21:21 - 2009-07-14 06:45 - 00439448 _____ C:\Windows\system32\FNTCACHE.DAT 2016-07-27 21:00 - 2010-07-11 23:58 - 00113816 _____ C:\Users\Frank\AppData\Local\GDIPFONTCACHEV1.DAT 2016-07-27 19:49 - 2015-04-11 13:14 - 00002031 _____ C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk 2016-07-26 17:38 - 2016-05-19 
15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-07-26 17:38 - 2012-11-06 20:31 - 00000000 ____D C:\ProgramData\Package Cache 2016-07-26 17:18 - 2016-05-12 15:44 - 00171752 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-07-26 17:18 - 2016-05-12 15:44 - 00145984 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-07-26 15:48 - 2014-03-18 17:15 - 00000000 ____D C:\Program Files (x86)\HitmanPro.Alert 2016-07-26 15:46 - 2015-06-02 18:14 - 00082864 _____ (SurfRight B.V.) C:\Windows\system32\Drivers\hmpnet.sys 2016-07-26 15:46 - 2014-03-18 17:15 - 00863888 _____ (SurfRight B.V.) C:\Windows\system32\hmpalert.dll 2016-07-26 15:46 - 2014-03-18 17:15 - 00789136 _____ (SurfRight B.V.) C:\Windows\SysWOW64\hmpalert.dll 2016-07-26 15:46 - 2014-03-18 17:15 - 00245288 _____ (SurfRight B.V.) C:\Windows\system32\Drivers\hmpalert.sys 2016-07-24 20:42 - 2010-11-21 15:39 - 00022528 _____ C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-07-22 22:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-07-21 12:30 - 2014-11-22 12:03 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-07-21 12:30 - 2014-11-22 12:03 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-07-20 21:03 - 2014-04-23 21:31 - 00024576 _____ C:\Users\Frank\Desktop\kWh 2014.2015.xls 2016-07-20 11:28 - 2013-12-19 12:27 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2016-07-20 11:27 - 2014-07-31 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2016-07-19 14:52 - 2013-12-23 16:24 - 00000850 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-07-19 14:17 - 2012-10-23 09:51 - 00000000 ____D C:\Users\Frank\Desktop\ISS 2014 2016-07-18 23:00 - 2014-01-23 14:31 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-07-15 14:36 - 2010-07-27 10:22 - 00000000 ____D C:\Program Files (x86)\McAfee 
2016-07-14 13:03 - 2016-05-12 13:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-07-14 13:03 - 2014-08-12 13:18 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe 2016-07-14 13:03 - 2012-03-28 11:02 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-07-14 13:03 - 2011-05-13 12:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-07-12 22:34 - 2010-07-12 00:21 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-07-12 12:00 - 2015-05-12 16:14 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-07-12 11:53 - 2010-09-20 19:36 - 00000000 ____D C:\Windows\system32\Macromed 2016-07-12 11:53 - 2010-07-12 17:18 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-07-12 11:52 - 2015-04-09 13:20 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-07-12 11:51 - 2015-04-09 13:19 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-07-05 14:05 - 2016-05-04 11:08 - 00023552 _____ C:\Users\Frank\Desktop\Kalkulation SGBXII 07.2016.xls 2016-07-05 14:00 - 2013-10-13 15:51 - 00000000 ____D C:\Program Files (x86)\GetFoldersize 2016-07-05 11:25 - 2010-07-13 14:35 - 00000000 ____D C:\Users\Frank\Documents\@ empfangen ab 230210 2016-07-04 17:51 - 2014-07-08 18:25 - 00003858 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1373046181 2016-07-04 17:51 - 2010-12-17 17:30 - 00000000 ____D C:\Program Files (x86)\Opera 2016-07-04 17:48 - 2015-06-16 19:13 - 00015230 _____ C:\Windows\Q-Dir.ini 2016-07-04 17:47 - 2015-07-20 15:49 - 00001813 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk 2016-07-04 17:47 - 2015-07-20 15:49 - 00000000 ____D C:\Program Files\Q-Dir 2016-07-02 15:49 - 2012-04-21 19:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-07-01 20:50 - 2014-12-01 21:25 - 00000000 ____D C:\Users\Frank\Christoph Pie RA 
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-03 13:19 - 2014-09-03 13:27 - 45936640 _____ () C:\Program Files (x86)\GUTCC0E.tmp 2012-03-03 18:26 - 2012-03-03 18:26 - 0000288 _____ () C:\Users\Frank\AppData\Roaming\.backup.dm 2010-10-05 13:22 - 2010-10-22 19:03 - 0006847 _____ () C:\Users\Frank\AppData\Roaming\.freeciv-client-rc-2.2 2013-01-21 21:01 - 2013-03-10 17:04 - 0000576 _____ () C:\Users\Frank\AppData\Roaming\All CPU MeterV3_Settings.ini 2012-04-02 17:09 - 2012-04-21 20:04 - 0120232 _____ () C:\Users\Frank\AppData\Local\ars.cache 2012-04-02 17:11 - 2012-04-21 20:04 - 0909300 _____ () C:\Users\Frank\AppData\Local\census.cache 2012-02-13 20:50 - 2012-10-26 18:09 - 0000093 _____ () C:\Users\Frank\AppData\Local\CrystalDiskMark30.ini 2010-11-21 15:39 - 2016-07-24 20:42 - 0022528 _____ () C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-04-02 16:55 - 2012-04-02 16:55 - 0000036 _____ () C:\Users\Frank\AppData\Local\housecall.guid.cache 2016-07-27 16:34 - 2016-07-27 16:35 - 0000600 _____ () C:\Users\Frank\AppData\Local\PUTTY.RND 2010-07-30 11:35 - 2016-06-11 22:02 - 0007600 _____ () C:\Users\Frank\AppData\Local\Resmon.ResmonCfg 2011-08-25 16:08 - 2011-08-25 16:08 - 0000000 _____ () C:\Users\Frank\AppData\Local\{07C96FB1-F2C1-4C4E-A3F5-DFE102A0CBB8} 2011-09-13 21:21 - 2011-09-13 21:21 - 0000000 _____ () C:\Users\Frank\AppData\Local\{3F847566-9ED8-402C-A586-CE01983108D7} 2011-06-05 19:30 - 2011-06-05 19:31 - 0000000 _____ () C:\Users\Frank\AppData\Local\{827AE605-BACD-4DFF-AA30-81073507DB6F} 2011-12-26 22:47 - 2011-12-26 22:47 - 0000000 _____ () C:\Users\Frank\AppData\Local\{B57BB664-2A98-46A9-9DD8-3E2110B63578} 2013-01-23 19:24 - 2013-01-23 19:24 - 0045558 _____ () C:\ProgramData\1358961880.bdinstall.bin 2013-01-23 19:25 - 2013-01-23 19:25 - 0051235 _____ () C:\ProgramData\1358961926.bdinstall.bin 2013-01-23 19:26 - 2013-01-23 19:26 - 0051015 _____ () C:\ProgramData\1358961960.bdinstall.bin 
2013-01-23 19:32 - 2013-01-23 19:32 - 0028345 _____ () C:\ProgramData\1358962225.bdinstall.bin 2014-04-28 20:35 - 2014-04-28 21:18 - 0006434 _____ () C:\ProgramData\hpzinstall.log 2010-11-12 17:39 - 2010-11-18 21:18 - 0000064 _____ () C:\ProgramData\sandra.ldb 2010-11-07 14:05 - 2010-11-07 14:05 - 0005222 _____ () C:\ProgramData\xml4F57.tmp 2010-11-07 14:05 - 2010-11-07 14:05 - 0013844 _____ () C:\ProgramData\xml71B6.tmp 2010-11-07 14:05 - 2010-11-07 14:05 - 0001629 _____ () C:\ProgramData\xml72A1.tmp 2010-07-13 14:56 - 2010-08-20 16:48 - 0010390 _____ () C:\ProgramData\xmlB4ED.tmp 2010-07-13 14:56 - 2010-08-20 16:48 - 0014252 _____ () C:\ProgramData\xmlC3BD.tmp 2010-07-13 14:56 - 2010-08-20 16:48 - 0001629 _____ () C:\ProgramData\xmlC69B.tmp 2010-09-14 19:28 - 2010-09-14 19:28 - 0005831 _____ () C:\ProgramData\xmlCD8B.tmp 2010-09-14 19:28 - 2010-09-14 19:28 - 0013613 _____ () C:\ProgramData\xmlE946.tmp 2010-09-14 19:28 - 2010-09-14 19:28 - 0001629 _____ () C:\ProgramData\xmlE9E3.tmp Einige Dateien in TEMP: ==================== C:\Users\Frank\AppData\Local\Temp\AutoDetectUtilApp.exe C:\Users\Frank\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-07-17 22:19 ==================== Ende von FRST.txt ============================

If anything is missing or incorrect, please let me know (this is my first post on Trojaner-Board). I can't get Addition.txt in here because it is too large; even splitting it didn't work. Sorry. Please help. Thanks! Edited by buju (30.07.2016 at 13:37) |
30.07.2016, 13:36 | #2 |
| A memory modification has been detected... (AviraPro) - hidden driver addition.txt:
FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 27-07-2016 durchgeführt von Frank (2016-07-30 13:15:31) Gestartet von G:\ Windows 7 Professional Service Pack 1 (X64) (2010-07-11 21:52:10) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1471997843-1760444896-1991819523-500 - Administrator - Disabled) BitBox (S-1-5-21-1471997843-1760444896-1991819523-1035 - Limited - Enabled) Frank (S-1-5-21-1471997843-1760444896-1991819523-1001 - Administrator - Enabled) => C:\Users\Frank Gast (S-1-5-21-1471997843-1760444896-1991819523-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1471997843-1760444896-1991819523-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated) Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) Akamai NetSession Interface (HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\...\Akamai) (Version: - ) Akamai NetSession Interface (HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version: - ) Akamai NetSession Interface (HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Akamai) (Version: - ) Akamai NetSession Interface (HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Akamai) (Version: - ) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.5 - Sereby Corporation) Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - ) AMD Catalyst Install Manager (HKLM\...\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD System Monitor (HKLM-x32\...\{718B4425-80EA-4F64-A05C-48285CE63F73}) (Version: 1.0.8 - Advanced Micro Devices, Inc.) 
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Ashampoo Burning Studio 2016 v.16.0.0 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.0 - Ashampoo GmbH & Co. KG) ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.02 - ASUSTeK Computer Inc.) Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.) Autorun Organizer Version 2.23 (HKLM-x32\...\Autorun Organizer_is1) (Version: 2.23 - ChemTable Software) Avast Browser Cleanup (HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\...\Avast Browser Cleanup) (Version: 10.3.2223.101 - AVAST Software) Avast Browser Cleanup (HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Avast Browser Cleanup) (Version: 10.3.2223.101 - AVAST Software) Avast Browser Cleanup (HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Avast Browser Cleanup) (Version: 10.3.2223.101 - AVAST Software) Avast Browser Cleanup (HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Avast Browser Cleanup) (Version: 10.3.2223.101 - AVAST Software) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.18.354 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{92a7fd6b-31e5-472f-862e-79214c5032ef}) (Version: 1.1.67.18988 - Avira Operations GmbH & Co. 
KG) Avira Launcher (x32 Version: 1.1.67.18988 - Avira Operations GmbH & Co. KG) Hidden AVM FRITZ!Box AddOn (IE) (x64) (HKLM\...\{EC3671D7-98AC-4951-8FFD-5556BE066137}) (Version: 1.7.0 - AVM Berlin) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) BMW M3 Challenge (HKLM-x32\...\{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1) (Version: BMW M3 Challenge v1.0.0.0 - 10TACLE STUDIOS AG) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform) CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 1.07 - Abelssoft) CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) D1300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden D1300_Help (x32 Version: 82.0.233.000 - Hewlett-Packard) Hidden Data Lifeguard Diagnostic for Windows 1.25 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation) DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden Driving Speed 2.0 (HKLM-x32\...\Driving Speed 2_is1) (Version: - WheelSpin Studios) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) EVEREST Ultimate Edition v4.60 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.60 - Lavalys, Inc.) Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - ) FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com) Folder Size 3.4.0.0 (HKLM-x32\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.) 
FoxyTunes for Firefox (HKLM-x32\...\FoxyTunesForFirefox) (Version: - ) Freeciv 2.2.1 (GTK+ client) (HKLM-x32\...\Freeciv-2.2.1-gtk2) (Version: - ) FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski) FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin) GetFoldersize 3.1.6 (HKLM-x32\...\GetFoldersize_is1) (Version: 3.1.6 - Michael Thummerer Software Design) Google Chrome (HKLM-x32\...\{A58EE139-F99A-3991-B9D2-EBB6A6E2F9AE}) (Version: 52.0.2743.82 - Google, Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software) HDD Guardian 0.6.2 (HKLM-x32\...\{F67EF53C-11BF-4EC8-B025-EC85CABA50B5}) (Version: - ) HDDlife Pro 4.1 (HKLM-x32\...\{E12E0F6C-2A96-49E1-8618-3E777EB79D30}) (Version: 4.1.203 - BinarySense Inc.) HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 3.5.0.546 - SurfRight B.V.) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Deskjet & Photosmart Printer Driver Software 13.0 Rel. 
A (HKLM\...\{4B97502B-795A-4E12-9A93-E824772156A7}) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Support Solutions Framework (HKLM-x32\...\{3A1CB1B8-8646-41A0-B496-35DC48916904}) (Version: 12.5.26.37 - HP) HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - ) iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.) Logitech Harmony Remote Software (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 1.0.110307 - Logitech) Logitech SetPoint 6.67 (HKLM\...\SP6) (Version: 6.67.83 - Logitech) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.227 - McAfee, Inc.) 
MeinPlatz (HKLM\...\MeinPlatz) (Version: - ) MeinPlatz (HKLM-x32\...\MeinPlatz) (Version: - ) Mercedes CLC Dream Test Drive (HKLM-x32\...\{6F33360D-E0FA-4691-8D67-76CD5061D621}_is1) (Version: - Mercedes-Benz UK) Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft AntiXSS v4.2.1 (HKLM-x32\...\{F7D011B7-EF6B-4FCF-9571-44D60282329A}) (Version: 4.2.1 - Microsoft Corporation) Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{D8D25854-D7F0-45C5-8702-D650A5A23E21}) (Version: 2.3.2208 - Microsoft Corporation) Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation) Microsoft Office 2000 SR-1 Disc 2 (HKLM-x32\...\{00040407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Office 2000 SR-1 Professional (HKLM-x32\...\{00010407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Office 2000 SR-1 Small Business (HKLM-x32\...\{00030407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - 
KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation) Moorhuhn Remake 
(HKLM-x32\...\{52210D57-0B1F-4681-90DD-8659DF4BCC40}) (Version: 1.00.0000 - ) Mozilla Firefox 47.0.1 (x64 de) (HKLM\...\Mozilla Firefox 47.0.1 (x64 de)) (Version: 47.0.1 - Mozilla) Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla) Mozilla Thunderbird 45.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyMicroBalance (HKLM-x32\...\{F508CC9F-A477-4C15-A9FE-59BCE258F839}) (Version: 3.0.3 - startzentrum GmbH & Co KG) MyMicroBalance (HKLM-x32\...\{F9F5A113-2DE7-4B3F-A29B-C07AEEBBC9FE}) (Version: 3.0.1 - startzentrum GmbH & Co KG) NovaBench 3.0.4 (HKLM-x32\...\{88603FC0-6B3C-442D-981E-E3D49F083548}_is1) (Version: - Novawave Inc.) 
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.0.223 - O&O Software GmbH) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6729.1014 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6729.1014 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6729.1014 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenSSL 1.0.1g Light (64-bit) (HKLM\...\OpenSSL Light (64-bit)_is1) (Version: - OpenSSL Win64 Installer Team) Opera Stable 38.0.2220.41 (HKLM-x32\...\Opera 38.0.2220.41) (Version: 38.0.2220.41 - Opera Software) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.11.2-r113542-release - Plays.tv, LLC) Q-Dir (HKLM\...\Q-Dir) (Version: - ) QTranslate 5.7.0.3 (HKLM-x32\...\QTranslate) (Version: 5.7.0.3 - QuestSoft) Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc) Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.) 
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SafeInCloud Password Manager (HKLM-x32\...\{2C3F29B7-6FE5-4808-A2E8-86234C47246D}) (Version: 16.1.1 - Andrey Shcherbakov) Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC) SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology) SF_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden SF_CDA_Software (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions) Snowball Duel 1.1.0 (HKLM-x32\...\Snowball Duel_is1) (Version: 1.1.0 - Novel Games Limited) SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) StarMoney (x32 Version: 2.0 - StarFinanz) Hidden Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden Steganos Online-Banking 14 (HKLM-x32\...\{1CD1C1ED-9090-404C-ABC0-146F080CC847}) (Version: 14.0.12 - Steganos Software GmbH) Super Monopoly (HKLM-x32\...\ST6UNST #1) (Version: - ) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1222 - SUPERAntiSpyware.com) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, 
Inc.) Visual C++ 2008 x64 Runtime - v9.0.30729.5026 (HKLM-x32\...\{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}.vc_x64runtime_30729_5026) (Version: 9.0.30729.5026 - Microsoft Corporation) Visual C++ 2008 x86 Runtime - v9.0.30729.5026 (HKLM-x32\...\{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}.vc_x86runtime_30729_5026) (Version: 9.0.30729.5026 - Microsoft Corporation) Volvo - The Game (HKLM-x32\...\Volvo - The Game_is1) (Version: - SimBin) Wallpapers (HKLM-x32\...\{B4A71CCA-99BA-43CF-81B2-C9572A581586}) (Version: 1.2.0005 - Thin Martian) WD Diagnostics (HKLM-x32\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies) WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 1.0.0.0 - 1&1 Mail & Media GmbH) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {01BAB02D-881B-4824-A82B-921FE06A6A22} - System32\Tasks\{E006F381-9D19-4A61-BFA8-5FB730798FBF} => pcalua.exe -a C:\Users\Frank\Downloads\aio-runtimes122.exe -d C:\Users\Frank\Downloads
Task: {1273397B-2DCD-439B-BC0E-73F0CA548524} - System32\Tasks\{E99E0D23-BCEE-4227-80D5-0A212485B604} => C:\DAVILEX\RASER\raser.exe
Task: {1A927722-0788-4970-B6B4-C9759D233CA0} - System32\Tasks\avastBCLRestart_firefox.exe => Firefox.exe
Task: {1CD8C53D-FC99-46F5-96E4-FB36DF9DCCA9} - System32\Tasks\{2FD1A4DF-AA97-4D29-925C-05E525C14385} => pcalua.exe -a C:\Users\Frank\Downloads\FRITZBox_starter.exe -d C:\Users\Frank\Downloads
Task: {20A9161E-8C42-4BA5-A9BB-9028CAEA78A1} - System32\Tasks\avast! BCU UpdateS-1-5-21-1471997843-1760444896-1991819523-1001 => C:\Users\Frank\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software)
Task: {2717336D-58D6-4BB9-AB60-EBF189FE8E00} - System32\Tasks\{A1EAE062-B9AC-4434-8DCC-F4BFFD5942DA} => C:\Users\Frank\Downloads\wpolis32.exe
Task: {27285171-809D-4972-9A39-45CAD5717FB2} - System32\Tasks\{9F04A04E-F1B7-449E-A6A5-01BAC932DF9D} => C:\DAVILEX\RASER\raser.exe
Task: {27B8A95C-EEE1-434C-A22E-C7575CAF5A76} - System32\Tasks\{CD237B8E-C3E8-40F2-A97F-CFAFF19434D8} => pcalua.exe -a "C:\Users\Frank\Downloads\Avira Antirootkit Tool 1.3.0.1\avira_antivir_antirootkit_en.exe" -d "C:\Users\Frank\Downloads\Avira Antirootkit Tool 1.3.0.1"
Task: {2953D30C-FCB1-40C9-89D2-3B48395C111D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {2B7897F5-43C2-4858-B647-DE3273B94F02} - System32\Tasks\{6F401823-FAC7-42E8-B9DF-8C234677DD23} => pcalua.exe -a C:\Users\Frank\Downloads\Shockwave_Installer_Slim.exe -d C:\Users\Frank\Downloads
Task: {35BCBBBD-DAB6-45DE-81FA-E2A4F0559350} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {3D01F9B4-01CA-4E8B-A1CE-390BF95ECCC4} - System32\Tasks\{C540B5AC-0CDD-45C7-AEC4-17ED21BC7A49} => I:\ASUSACPI.exe Task: {4236C1A4-82D4-4BB1-9999-65110646AF4B} - System32\Tasks\{599E4BFB-4F12-45AD-82D3-BDB81D1DEFB1} => C:\DAVILEX\RASER\raser.exe Task: {4500D82E-B253-41AF-99EE-8465AC2A2E98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated) Task: {45FDC0C1-AD3E-455C-8E1C-D56EDA7CA269} - System32\Tasks\{4FA4C5B4-E48B-424D-9364-ECC42E215011} => pcalua.exe -a G:\avira_antivir_antirootkit_en.exe -d G:\ Task: {511CBE08-B6B5-4D78-8D17-06CF88647466} - System32\Tasks\{872B1DA6-9FF7-4960-A114-B7E9B80690A7} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\Program Files (x86)\Super Monopoly\ST6UNST.LOG" Task: {52919E44-DF58-4D37-B7AC-002E76BB14AC} - System32\Tasks\{6393BCBD-ECCF-4157-80A5-C637C88DDAC9} => pcalua.exe -a C:\Users\Frank\Downloads\setupNichtrauchertimer155.exe -d C:\Users\Frank\Downloads Task: {66CBB9F7-B38F-46DF-9550-08289B486BA5} - System32\Tasks\{A9E79707-2DB4-4152-88DA-3EB7808C0E3A} => pcalua.exe -a G:\Sandboxie42Install.exe -d G:\ Task: {6B46C37B-2B0D-4FA9-803D-51B1C246390D} - System32\Tasks\Moo0 SystemMonitor 1.61 => C:\Program Files (x86)\Moo0\SystemMonitor 1.61\SystemMonitor.exe Task: {6E4419A3-A80E-4C68-9BBC-D168BABD012C} - System32\Tasks\{0B24CED1-9A99-40C2-9E10-8D6A1180B21D} => C:\Users\Frank\Downloads\wpolis32.exe Task: {75DAF52C-D825-4712-B91D-8AEF0A8D67F3} - System32\Tasks\{BC44BAD3-78A0-46F4-A5E5-0FC20C25E39C} => C:\Users\Frank\Downloads\wpolis32.exe Task: {77E832A9-AC9B-4AC4-AA38-F9CB138BE761} - System32\Tasks\{9D0F4926-3986-4369-B42A-AC27CB6A9CD6} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" Task: {78E3FFA1-3BB7-48E7-956E-0439BB7EA5E0} - System32\Tasks\{4B443FFE-E762-4389-BE7A-EAE39AB63BAE} => C:\DAVILEX\RASER\raser.exe Task: 
{79A9B5F1-96CB-40F9-9E20-027C4E85A7FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {94C4787B-86E5-4B66-AD7A-25CDCB9EE10E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd) Task: {99D4DB50-7FED-4113-9503-53DC5C8E0DEA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-12] (Adobe Systems Incorporated) Task: {9E010BA9-4E2C-49E5-B878-7AFB002311DD} - System32\Tasks\{D8B5442A-29F6-4922-AD11-C4316BEA36D2} => C:\Users\Frank\Downloads\wpolis32.exe Task: {9F7B6C6D-5532-4BD2-A819-3DA8CA916721} - System32\Tasks\{E30F78E7-457A-4592-A991-021B016BEAC0} => pcalua.exe -a G:\Shockwave_Installer_Full.exe -d G:\ Task: {A92A982C-43DE-4BF8-9C55-0ACC9EB61FB4} - System32\Tasks\{6E095647-49DE-4D38-84A3-52FE2AFDBC05} => pcalua.exe -a "C:\Program Files\SUPERAntiSpyware\Uninstall.exe" Task: {B10AB761-C97B-467C-B4F7-5A5541AC873B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) 
Task: {B9AB9271-4220-40C3-A293-6B573D83F886} - System32\Tasks\{6722CEFF-ECB5-467F-8F2E-25A08F63173E} => pcalua.exe -a "C:\Program Files (x86)\HWiNFO32\HW32inst.EXE" -d "C:\Program Files (x86)\HWiNFO32" Task: {BAA93F3A-26E8-430F-A2EC-F16C35DA7568} - System32\Tasks\{F5C5144B-6B76-4841-A4F7-146A764BAFDF} => pcalua.exe -a C:\Users\Frank\Downloads\HiJackThis204.exe -d C:\Users\Frank\Downloads Task: {BF7ABB9D-0DDE-45F6-99EC-829DEA70935D} - System32\Tasks\{267D757B-2FB0-488E-9236-95E43130EE2C} => pcalua.exe -a C:\Users\Frank\Downloads\irfanview_plugins_427_setup.exe -d C:\Users\Frank\Downloads Task: {CEBDD1CA-594D-4B35-8C67-734116082B47} - System32\Tasks\{2F5CEDE1-E852-4603-A82C-59709D34F74E} => C:\Users\Frank\Downloads\wpolis32.exe Task: {CF680099-855E-48B7-9CA6-4B9259B92211} - System32\Tasks\Opera scheduled Autoupdate 1373046181 => C:\Program Files (x86)\Opera\launcher.exe [2016-06-30] (Opera Software) Task: {D122E03A-9453-42CE-BE6D-DAE268DE6F26} - System32\Tasks\{5B5ABC89-2A45-4761-A767-8BD6F75919F1} => C:\Users\Frank\Downloads\wpolis32.exe Task: {D5082868-8527-490B-B4FE-7C056CA6345C} - System32\Tasks\{89FEF303-EA30-4C3E-93B9-B1E8F693EA5C} => pcalua.exe -a C:\Users\Frank\Downloads\aio-runtimes124.exe -d C:\Users\Frank\Downloads Task: {D82FA8EC-68D6-4345-ACF3-1EDD0DCE174B} - System32\Tasks\{FD4CF113-DE77-4336-AB28-6587B7845AA6} => I:\ASUSACPI.exe Task: {DC557F8D-5F75-4C63-8CA4-641CED33509D} - System32\Tasks\{78708E76-5FDF-4977-8618-96BF649DA9C5} => pcalua.exe -a C:\Users\Frank\Downloads\Shockwave620_Installer_Full.exe -d C:\Users\Frank\Downloads Task: {DF615E47-C156-4EFA-8FE1-F750BEA29B31} - System32\Tasks\{59E872C4-5662-417A-8D3A-1BBE79BAF489} => C:\Users\Frank\Downloads\wpolis32.exe Task: {F242FB13-EBA0-4518-AA96-74AEE6BDF1F5} - System32\Tasks\avastBCLS-1-5-21-1471997843-1760444896-1991819523-1001 => C:\Users\Frank\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2016-06-28] (AVAST Software) Task: {F538AE7F-6D6F-45C2-88BB-65B0AC59DC4B} - 
System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {FB8374FD-26FF-47C5-8A0B-31F73D85EE27} - System32\Tasks\{10CE2B86-A5BD-4891-AF2D-A91C578278D9} => C:\Users\Frank\Downloads\wpolis32.exe Task: {FDCDD740-741F-4A97-8CE7-321A09F2172D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-06-28] (HP Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2014-12-10 18:12 - 2014-12-10 18:12 - 00344824 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll 2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-31 21:18 - 2014-08-06 03:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe 2014-12-10 18:12 - 2014-12-10 18:12 - 00326392 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll 2013-02-05 15:20 - 2013-02-05 15:20 - 00012520 _____ () C:\Users\Frank\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\CoreTempReader.dll 2013-02-05 15:20 - 2013-02-05 15:20 - 00015080 _____ () C:\Users\Frank\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\GetCoreTempInfoNET.dll 2013-02-05 15:20 - 2013-02-05 15:20 - 00014056 _____ () C:\Users\Frank\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\SystemInfo.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd 2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files 
(x86)\Raptr Inc\PlaysTV\win32evtlog.pyd 2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd 2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll 2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd 2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd 2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd 2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:55B41E6A [127] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-01-22 16:29 - 00444833 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123moviedownload.com

Da befinden sich 15265 zusätzliche Einträge.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1471997843-1760444896-1991819523-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-1471997843-1760444896-1991819523-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FRITZ!DSL Startcenter.lnk => C:\Windows\pss\FRITZ!DSL Startcenter.lnk.Startup MSCONFIG\startupfolder: C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Mozilla Firefox.lnk => C:\Windows\pss\Mozilla Firefox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Mozilla Thunderbird.lnk => C:\Windows\pss\Mozilla Thunderbird.lnk.Startup MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{8175D54D-F13A-4956-8E8C-2D01CA5ACBAB}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{C599924E-1EA4-4920-B35B-BD55AE16445E}] => (Allow) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE FirewallRules: [{28FEA9A4-CAB4-4E74-BD49-55CC01DDE2CF}] => (Allow) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE FirewallRules: [{C38E276E-8D2D-4990-9368-3AA340E23A44}] => (Allow) C:\Program Files\FRITZ!DSL\FBOXUPD.EXE FirewallRules: [{60C2EA7C-C27A-42E1-B0D4-F695D9547891}] => (Allow) C:\Program Files\FRITZ!DSL\FBOXUPD.EXE FirewallRules: [{1470DF88-6AD9-44B2-A33C-EEA5E18828BC}] => (Allow) C:\Program Files\FRITZ!DSL\WebwaIgd.exe FirewallRules: [{452D245D-BEC5-479E-B0ED-613F5AB2581F}] => (Allow) C:\Program Files\FRITZ!DSL\WebwaIgd.exe FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [{2B578580-A9FF-46CC-8FA6-AB1C0C5A01D1}] => (Allow) C:\Users\Frank\AppData\Local\Akamai\netsession_win.exe FirewallRules: [{B72B1E0C-899B-4EA0-965A-B1B8E5E00C57}] => (Allow) C:\Users\Frank\AppData\Local\Akamai\netsession_win.exe FirewallRules: [{34554302-B411-42AE-B156-F93F4D999E7A}] => (Allow) I:\fsetup.exe FirewallRules: [{E9124F1E-CD87-437E-8F57-3CF0E0D54D21}] => (Allow) I:\fsetup.exe FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{F67B7078-5865-4CD4-853F-357FDD0CA875}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{B3C8235F-B481-4C6F-B918-A7037B957921}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{112AD408-A03A-412D-ABF3-7513A2E20E09}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{74007911-46CC-4023-A2F5-36C86EBE2362}] => 
(Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{9C170C67-CC9A-4CC9-BAE5-154F7EA03568}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{32668DE8-5382-42FD-8699-1EAAD03A0A34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{FF51BDAB-A8FC-4097-BC10-863E16F7828A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{61D5F073-74BD-4C82-8417-140E6186719F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{61EC15A9-2CA7-4210-A63B-129072C793C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{7A96EFC8-9D19-40D4-B972-A7D417341486}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{596BE668-2763-459F-A7F5-DF637EAA0996}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{C5E0243F-BB35-443B-8F57-ECBFE4F55C2B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F461C3EC-2B94-420B-8EF7-D8E33B0915B5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{0B7B55E4-FFA9-4803-B968-9877F822E202}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{19A4D502-A18C-48F2-B57F-437DF5E851F4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{15FADBCE-5852-414D-A67C-FD791C8BCB5E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F2DB8E66-00F5-46F0-9672-2C16535FB258}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{1B942325-B4C9-4EBB-A9C1-B120B9368104}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F029CBF6-F3D7-4C25-BD77-90325A2F4EEC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: 
[{B5B24500-6ADA-476A-8688-B307F52A4F65}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{E48C4DB2-71FD-4B64-ABCE-F0B0EBC321A9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{27101A0E-1258-4B13-AF6C-F256A327AC28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{37D90B8E-87C5-4792-8290-1CFBC027E292}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A9CCAD44-E133-44F4-909C-9CCC37FA0F9D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{DC8DB092-9D74-4A18-8F7C-6B90D617748E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{3BD5EE68-B46C-472B-BFA8-9E9DDFAD3FD8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{6D437CCA-C3D2-4775-A31B-CCC41CC5E788}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{F7C175D5-3171-4636-80AB-C489FA654933}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{7AFD0ADC-9657-4D7D-B3D8-9D9907734CD5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{C08A8E7A-BC1B-4164-B0A6-7D94AD06BAFB}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{8164E090-4D0D-4E2D-94DE-934AB67FDDC4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{D8FA4E51-632D-4617-93A0-5675D20305DA}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{192A7E20-A57C-4D9B-8550-C1656DD5C64C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 29-07-2016 17:33:28 Windows-Sicherung 29-07-2016 18:10:42 Windows-Sicherung 30-07-2016 11:01:14 Windows Update 30-07-2016 11:07:43 Windows-Sicherung 30-07-2016 12:03:56 Windows-Sicherung ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Teredo Tunneling Pseudo-Interface Description: 
Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: AODDriver4.01 Description: AODDriver4.01 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AODDriver4.01 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/30/2016 12:54:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: update.exe_Avira Product Family, Version: 15.0.18.342, Zeitstempel: 0x577d2df1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x03cd7e20 ID des fehlerhaften Prozesses: 0x748 Startzeit der fehlerhaften Anwendung: 0xupdate.exe_Avira Product Family0 Pfad der fehlerhaften Anwendung: update.exe_Avira Product Family1 Pfad des fehlerhaften Moduls: update.exe_Avira Product Family2 Berichtskennung: update.exe_Avira Product Family3 Error: (07/30/2016 11:54:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: update.exe_Avira Product Family, Version: 15.0.18.342, Zeitstempel: 0x577d2df1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x03a77e20 ID des fehlerhaften Prozesses: 0x11fc 
Startzeit der fehlerhaften Anwendung: 0xupdate.exe_Avira Product Family0 Pfad der fehlerhaften Anwendung: update.exe_Avira Product Family1 Pfad des fehlerhaften Moduls: update.exe_Avira Product Family2 Berichtskennung: update.exe_Avira Product Family3 Error: (07/30/2016 10:54:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: update.exe_Avira Product Family, Version: 15.0.18.342, Zeitstempel: 0x577d2df1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x03da7e20 ID des fehlerhaften Prozesses: 0x748 Startzeit der fehlerhaften Anwendung: 0xupdate.exe_Avira Product Family0 Pfad der fehlerhaften Anwendung: update.exe_Avira Product Family1 Pfad des fehlerhaften Moduls: update.exe_Avira Product Family2 Berichtskennung: update.exe_Avira Product Family3 Error: (07/30/2016 09:55:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: update.exe_Avira Product Family, Version: 15.0.18.342, Zeitstempel: 0x577d2df1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x02f07e20 ID des fehlerhaften Prozesses: 0x84c Startzeit der fehlerhaften Anwendung: 0xupdate.exe_Avira Product Family0 Pfad der fehlerhaften Anwendung: update.exe_Avira Product Family1 Pfad des fehlerhaften Moduls: update.exe_Avira Product Family2 Berichtskennung: update.exe_Avira Product Family3 Error: (07/29/2016 11:22:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 11076 Error: (07/29/2016 11:22:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 11076 Error: (07/29/2016 11:22:28 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/29/2016 11:22:27 PM) 
(Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 10077 Error: (07/29/2016 11:22:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 10077 Error: (07/29/2016 11:22:27 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Systemfehler: ============= Error: (07/29/2016 06:23:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 = Das System kann den angegebenen Pfad nicht finden. Error: (07/29/2016 06:23:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 = Das System kann den angegebenen Pfad nicht finden. Error: (07/29/2016 04:48:09 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (07/29/2016 04:46:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (07/29/2016 04:40:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (07/29/2016 04:40:41 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error: (07/29/2016 04:38:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 = Das System kann den angegebenen Pfad nicht finden. 
Error: (07/29/2016 04:38:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 = Das System kann den angegebenen Pfad nicht finden. Error: (07/29/2016 04:37:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/29/2016 04:37:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2015-07-29 11:20:00.953 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LMouFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-07-29 11:20:00.906 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LMouFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-07-29 11:19:55.475 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-07-29 11:19:55.415 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-07-29 11:19:55.365 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-07-29 11:19:55.295 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-07-29 11:19:55.245 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-07-29 11:19:55.182 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-07-29 11:19:52.448 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-07-29 11:19:52.408 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\LHidFilt.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Speicherinformationen ===========================
Prozessor: AMD Phenom(tm) II X3 710 Processor
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8191.18 MB
Verfügbarer physikalischer RAM: 4844.09 MB
Summe virtueller Speicher: 16380.54 MB
Verfügbarer virtueller Speicher: 12856.07 MB
==================== Laufwerke ================================
Drive c: (Windows 7 Professional 64bit) (Fixed) (Total:78.12 GB) (Free:18.68 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (secure) (Fixed) (Total:240.76 GB) (Free:121.06 GB) NTFS
Drive e: (fhp) (Fixed) (Total:125 GB) (Free:93.66 GB) NTFS
Drive f: (Windows XP Mode) (Fixed) (Total:100 GB) (Free:83.68 GB) NTFS
Drive g: (download) (Fixed) (Total:162.63 GB) (Free:137.19 GB) NTFS
Drive h: (Auslagerungsdatei) (Fixed) (Total:225 GB) (Free:216.75 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: CF1A1316)
Partition 1: (Active) - (Size=78.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=162.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=125 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: CF1A130F)
Partition 1: (Active) - (Size=240.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=225 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Phew, I managed it after all. |
31.07.2016, 12:17 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | A memory modification was detected... (AviraPro) - hidden driver Please uninstall Avira. We have not recommended it for years, for several reasons. One reason is a relatively high false-positive rate; the second main reason is that they still cooperate with ASK (the Avira search function goes through ASK). Other freeware vendors such as AVG, Avast or Panda also jumped on this bandwagon; that kind of thing is simply unacceptable for security software. Cf. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog
Let me know when Avira is gone; once we are done here, you can switch to another virus scanner, and details will follow in the final post. Please do not install anything else NOW without checking with us first!
__________________ |
31.07.2016, 12:52 | #4 |
| A memory modification was detected... (AviraPro) - hidden driver Hi cosinus, thanks for taking on my case! My Avira is paid for until 11/2017 and it is getting top ratings at av-test.org again; in the meantime that was indeed different. https://www.av-test.org/de/antivirus/privat-windows/windows-10/april-2016/ Since this is the only computer I have available, I cannot simply uninstall Avira, because I definitely do not want to browse etc., or work through your solutions, without any protection. Is there an alternative suggestion/solution to Avira from your side that I can install immediately after uninstalling Avira? By the way, there is no Ask in the Pro version. Many thanks, buju |
31.07.2016, 12:55 | #5 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | A memory modification was detected... (AviraPro) - hidden driver Then keep Avira. But with this incomplete information: Quote:
Please make a log with TDSS: please download TDSSKiller.exe and save this file to the desktop
__________________ Please always post log files in CODE tags |
31.07.2016, 15:05 | #6 |
| A memory modification was detected... (AviraPro) - hidden driver Hi cosinus, the incomplete information from Avira that you mentioned also bothered me. Even after I had switched 'Bericht' (report) from 'Standard' to 'Vollständig' (complete) in the Avira configuration, nothing more came. Your criticism there is more than justified. Code:
ATTFilter 15:45:47.0542 0x1250 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 15:45:49.0944 0x1250 ============================================================ 15:45:49.0944 0x1250 Current date / time: 2016/07/31 15:45:49.0944 15:45:49.0944 0x1250 SystemInfo: 15:45:49.0944 0x1250 15:45:49.0944 0x1250 OS Version: 6.1.7601 ServicePack: 1.0 15:45:49.0944 0x1250 Product type: Workstation 15:45:49.0944 0x1250 ComputerName: FRANK-PC 15:45:49.0944 0x1250 UserName: Frank 15:45:49.0944 0x1250 Windows directory: C:\Windows 15:45:49.0944 0x1250 System windows directory: C:\Windows 15:45:49.0944 0x1250 Running under WOW64 15:45:49.0944 0x1250 Processor architecture: Intel x64 15:45:49.0944 0x1250 Number of processors: 3 15:45:49.0944 0x1250 Page size: 0x1000 15:45:49.0944 0x1250 Boot type: Normal boot 15:45:49.0944 0x1250 ============================================================ 15:45:51.0676 0x1250 KLMD registered as C:\Windows\system32\drivers\39672162.sys 15:45:51.0863 0x1250 System UUID: {9DB48689-8346-62E3-46C6-D7896D763A87} 15:45:52.0269 0x1250 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:45:52.0284 0x1250 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:45:52.0300 0x1250 ============================================================ 15:45:52.0300 0x1250 \Device\Harddisk0\DR0: 15:45:52.0300 0x1250 MBR partitions: 15:45:52.0300 0x1250 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x9C40000 15:45:52.0300 0x1250 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C40800, BlocksNum 0xC800000 15:45:52.0300 0x1250 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x16440800, BlocksNum 0x14544800 15:45:52.0331 0x1250 \Device\Harddisk0\DR0\Partition4: MBR, Type 
0x7, StartLBA 0x2A985800, BlocksNum 0xFA00000 15:45:52.0331 0x1250 \Device\Harddisk1\DR1: 15:45:52.0331 0x1250 MBR partitions: 15:45:52.0331 0x1250 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1E183FE0 15:45:52.0331 0x1250 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1E185800, BlocksNum 0x1C1FF800 15:45:52.0331 0x1250 ============================================================ 15:45:52.0331 0x1250 C: <-> \Device\Harddisk0\DR0\Partition1 15:45:52.0347 0x1250 D: <-> \Device\Harddisk1\DR1\Partition1 15:45:52.0393 0x1250 E: <-> \Device\Harddisk0\DR0\Partition4 15:45:52.0409 0x1250 F: <-> \Device\Harddisk0\DR0\Partition2 15:45:52.0456 0x1250 G: <-> \Device\Harddisk0\DR0\Partition3 15:45:52.0487 0x1250 H: <-> \Device\Harddisk1\DR1\Partition2 15:45:52.0487 0x1250 ============================================================ 15:45:52.0487 0x1250 Initialize success 15:45:52.0487 0x1250 ============================================================ 15:46:46.0404 0x03b4 ============================================================ 15:46:46.0404 0x03b4 Scan started 15:46:46.0404 0x03b4 Mode: Manual; SigCheck; TDLFS; 15:46:46.0404 0x03b4 ============================================================ 15:46:46.0404 0x03b4 KSN ping started 15:46:46.0482 0x03b4 KSN ping finished: true 15:46:47.0808 0x03b4 ================ Scan system memory ======================== 15:46:47.0808 0x03b4 System memory - ok 15:46:47.0808 0x03b4 ================ Scan services ============================= 15:46:47.0886 0x03b4 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 15:46:47.0996 0x03b4 !SASCORE - ok 15:46:48.0120 0x03b4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 15:46:48.0245 0x03b4 1394ohci - ok 15:46:48.0276 0x03b4 [ 
D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 15:46:48.0292 0x03b4 ACPI - ok 15:46:48.0323 0x03b4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 15:46:48.0432 0x03b4 AcpiPmi - ok 15:46:48.0526 0x03b4 [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 15:46:48.0542 0x03b4 AdobeARMservice - ok 15:46:48.0729 0x03b4 [ 328708CB8CDADD9C284B4E33E2B19904, 037854C773AA9C7A542A4ED04D61F6BDD10C933EE9BA98D7DD7DB128EC915970 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 15:46:48.0791 0x03b4 AdobeFlashPlayerUpdateSvc - ok 15:46:48.0838 0x03b4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 15:46:48.0869 0x03b4 adp94xx - ok 15:46:48.0900 0x03b4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 15:46:48.0916 0x03b4 adpahci - ok 15:46:48.0932 0x03b4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 15:46:48.0947 0x03b4 adpu320 - ok 15:46:48.0978 0x03b4 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 15:46:49.0025 0x03b4 AeLookupSvc - ok 15:46:49.0072 0x03b4 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 15:46:49.0134 0x03b4 AFD - ok 15:46:49.0150 0x03b4 [ 608C14DBA7299D8CB6ED035A68A15799, 
45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 15:46:49.0181 0x03b4 agp440 - ok 15:46:49.0197 0x03b4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 15:46:49.0244 0x03b4 ALG - ok 15:46:49.0275 0x03b4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 15:46:49.0290 0x03b4 aliide - ok 15:46:49.0337 0x03b4 [ 6BF0147A7A924E5A3AE049A95ECC9B34, 129F0E0FD165C66FEAAA9438F91001AD89AEF39CD655FE60973B7E97146A12C6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 15:46:49.0431 0x03b4 AMD External Events Utility - ok 15:46:49.0493 0x03b4 [ 82D9B39F69F577729829C94C93856928, C1328F7F7D3C916785201DDAC09E732151402CB31E82FB8144E83522A9D3F942 ] AMD FUEL Service C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe 15:46:49.0524 0x03b4 AMD FUEL Service - detected UnsignedFile.Multi.Generic ( 1 ) 15:46:49.0618 0x03b4 Detect skipped due to KSN trusted 15:46:49.0618 0x03b4 AMD FUEL Service - ok 15:46:49.0649 0x03b4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 15:46:49.0665 0x03b4 amdide - ok 15:46:49.0696 0x03b4 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys 15:46:49.0727 0x03b4 amdiox64 - ok 15:46:49.0743 0x03b4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 15:46:49.0758 0x03b4 AmdK8 - ok 15:46:49.0790 0x03b4 amdkmdag - ok 15:46:49.0868 0x03b4 [ 50228D17A34A1E5CF93084A6AE70870B, BF8967C3178F4BC2DF2DDAF272C9598B6E53E6C312B7304D44AC66E3592C63D1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 15:46:49.0930 0x03b4 amdkmdap - 
ok 15:46:49.0961 0x03b4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 15:46:49.0977 0x03b4 AmdPPM - ok 15:46:50.0008 0x03b4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 15:46:50.0024 0x03b4 amdsata - ok 15:46:50.0039 0x03b4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 15:46:50.0055 0x03b4 amdsbs - ok 15:46:50.0070 0x03b4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 15:46:50.0086 0x03b4 amdxata - ok 15:46:50.0211 0x03b4 [ 00A59103080736D67F7226446CFB1E2C, 7E52530D60AE52233B5B6876020C7A4245FAE26455A876EC2D699C196327426B ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe 15:46:50.0258 0x03b4 AntiVirMailService - ok 15:46:50.0304 0x03b4 [ BB3BAB4F1502328C4FB6CCA3C8114F39, 342DA11EA47208E03FA4256BEC3EF392382C2EBD702B1A69BF89AD9755A7D362 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe 15:46:50.0336 0x03b4 AntiVirSchedulerService - ok 15:46:50.0382 0x03b4 [ BB3BAB4F1502328C4FB6CCA3C8114F39, 342DA11EA47208E03FA4256BEC3EF392382C2EBD702B1A69BF89AD9755A7D362 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe 15:46:50.0398 0x03b4 AntiVirService - ok 15:46:50.0507 0x03b4 [ 256EE2A3AA545C6E3B160A8C5DB0088F, B4464E9B5927D3894CEDC2D861B66372F6D5D7E6CFE40A9C1DC781B1730AC306 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe 15:46:50.0554 0x03b4 AntiVirWebService - ok 15:46:50.0585 0x03b4 AODDriver4.0 - ok 15:46:50.0601 0x03b4 AODDriver4.01 - ok 15:46:50.0616 0x03b4 AODDriver4.2.0 - ok 15:46:50.0648 0x03b4 [ C3D487827E48CC5EC17994FEC5BDFF87, 
5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys 15:46:50.0663 0x03b4 AODDriver4.3 - ok 15:46:50.0694 0x03b4 [ 5F9389D9A2D5A2A7B03DC92914B43A88, CCF08F6BCF2479CA97055A88849CB2E1D7DD32DD87AC3833CB349E788F594AAF ] AppID C:\Windows\system32\drivers\appid.sys 15:46:50.0726 0x03b4 AppID - ok 15:46:50.0741 0x03b4 [ 4EC449C6A6FE42F2E44F25C17D17C9F1, 24161794DEC599427F370970F7E03548F55BC8A4A58F3B667F565E571BCA0100 ] AppIDSvc C:\Windows\System32\appidsvc.dll 15:46:50.0788 0x03b4 AppIDSvc - ok 15:46:50.0804 0x03b4 [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo C:\Windows\System32\appinfo.dll 15:46:50.0835 0x03b4 Appinfo - ok 15:46:50.0913 0x03b4 [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 15:46:50.0944 0x03b4 Apple Mobile Device Service - ok 15:46:50.0991 0x03b4 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 15:46:51.0038 0x03b4 AppMgmt - ok 15:46:51.0069 0x03b4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 15:46:51.0084 0x03b4 arc - ok 15:46:51.0100 0x03b4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 15:46:51.0116 0x03b4 arcsas - ok 15:46:51.0147 0x03b4 [ A82C01606DC27D05D9D3BFB6BB807E32, CE231637422709D927FB6FA0C4F2215B9C0E3EBBD951FB2FA97B8E64DA479B96 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 15:46:51.0162 0x03b4 AsIO - ok 15:46:51.0240 0x03b4 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 15:46:51.0256 0x03b4 aspnet_state - ok 15:46:51.0287 0x03b4 [ 26D66E32E78D3059715B3A17BC679CD9, 5039CB81CE0829C5F3DED16A4005FEB10141C6C9B473CC319E81BAF6D1DA33E3 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys 15:46:51.0303 0x03b4 AsUpIO - ok 15:46:51.0318 0x03b4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 15:46:51.0412 0x03b4 AsyncMac - ok 15:46:51.0428 0x03b4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 15:46:51.0443 0x03b4 atapi - ok 15:46:51.0474 0x03b4 [ F270AFC3848C54C67E3BFB892CE9B9C6, BF5F087D2677E8D75DB34335B54496A3C3AFBCE5A019C52B9EB2B1D19A0803B1 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 15:46:51.0521 0x03b4 AtiHDAudioService - ok 15:46:51.0552 0x03b4 [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 15:46:51.0568 0x03b4 AtiHdmiService - ok 15:46:51.0568 0x03b4 atikmdag - ok 15:46:51.0615 0x03b4 atillk64 - ok 15:46:51.0646 0x03b4 [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 15:46:51.0677 0x03b4 AtiPcie - ok 15:46:51.0724 0x03b4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 15:46:51.0771 0x03b4 AudioEndpointBuilder - ok 15:46:51.0833 0x03b4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 15:46:51.0864 0x03b4 AudioSrv - ok 15:46:51.0911 0x03b4 [ E0304A40460FFFB14F3B067660518B9E, 68885E98ABBE72DC5EA9EEA30D1499B8E97E0963A0F19830C1F2D22689288AD4 ] avgntflt 
C:\Windows\system32\DRIVERS\avgntflt.sys 15:46:51.0942 0x03b4 avgntflt - ok 15:46:51.0974 0x03b4 [ DBEFDCF8A5258A483B672EB9825E5F7F, B36CFC6FD723F43622EDB97157A0CA00494EF0C47D345DF7356B5C17B3D83513 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 15:46:51.0989 0x03b4 avipbb - ok 15:46:52.0052 0x03b4 [ 5F0C87F2FA11C991BB93B84BD02151B3, D1A9451968C197609A08FA3B83DA1B5D0A28C805A11C1C40D91FAE9DA5FD1B55 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 15:46:52.0067 0x03b4 Avira.ServiceHost - ok 15:46:52.0083 0x03b4 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 15:46:52.0098 0x03b4 avkmgr - ok 15:46:52.0130 0x03b4 [ 138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 15:46:52.0176 0x03b4 avnetflt - ok 15:46:52.0223 0x03b4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 15:46:52.0270 0x03b4 AxInstSV - ok 15:46:52.0332 0x03b4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 15:46:52.0364 0x03b4 b06bdrv - ok 15:46:52.0410 0x03b4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 15:46:52.0457 0x03b4 b57nd60a - ok 15:46:52.0488 0x03b4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 15:46:52.0520 0x03b4 BDESVC - ok 15:46:52.0520 0x03b4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 15:46:52.0566 0x03b4 Beep - ok 15:46:52.0613 0x03b4 [ 
82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 15:46:52.0676 0x03b4 BFE - ok 15:46:52.0722 0x03b4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 15:46:52.0894 0x03b4 BITS - ok 15:46:52.0925 0x03b4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 15:46:52.0941 0x03b4 blbdrive - ok 15:46:53.0034 0x03b4 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 15:46:53.0066 0x03b4 Bonjour Service - ok 15:46:53.0097 0x03b4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 15:46:53.0128 0x03b4 bowser - ok 15:46:53.0144 0x03b4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 15:46:53.0175 0x03b4 BrFiltLo - ok 15:46:53.0175 0x03b4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 15:46:53.0206 0x03b4 BrFiltUp - ok 15:46:53.0237 0x03b4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 15:46:53.0268 0x03b4 Browser - ok 15:46:53.0284 0x03b4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 15:46:53.0331 0x03b4 Brserid - ok 15:46:53.0346 0x03b4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 15:46:53.0362 
0x03b4 BrSerWdm - ok 15:46:53.0378 0x03b4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 15:46:53.0393 0x03b4 BrUsbMdm - ok 15:46:53.0409 0x03b4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 15:46:53.0440 0x03b4 BrUsbSer - ok 15:46:53.0440 0x03b4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 15:46:53.0471 0x03b4 BTHMODEM - ok 15:46:53.0502 0x03b4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 15:46:53.0534 0x03b4 bthserv - ok 15:46:53.0549 0x03b4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 15:46:53.0596 0x03b4 cdfs - ok 15:46:53.0627 0x03b4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 15:46:53.0643 0x03b4 cdrom - ok 15:46:53.0705 0x03b4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 15:46:53.0752 0x03b4 CertPropSvc - ok 15:46:53.0768 0x03b4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 15:46:53.0799 0x03b4 circlass - ok 15:46:53.0814 0x03b4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 15:46:53.0846 0x03b4 CLFS - ok 15:46:53.0892 0x03b4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] 
clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:46:53.0939 0x03b4 clr_optimization_v2.0.50727_32 - ok 15:46:53.0970 0x03b4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:46:54.0017 0x03b4 clr_optimization_v2.0.50727_64 - ok 15:46:54.0064 0x03b4 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:46:54.0080 0x03b4 clr_optimization_v4.0.30319_32 - ok 15:46:54.0111 0x03b4 [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:46:54.0126 0x03b4 clr_optimization_v4.0.30319_64 - ok 15:46:54.0158 0x03b4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 15:46:54.0173 0x03b4 CmBatt - ok 15:46:54.0189 0x03b4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 15:46:54.0204 0x03b4 cmdide - ok 15:46:54.0236 0x03b4 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys 15:46:54.0267 0x03b4 CNG - ok 15:46:54.0282 0x03b4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 15:46:54.0298 0x03b4 Compbatt - ok 15:46:54.0329 0x03b4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 15:46:54.0360 0x03b4 CompositeBus - ok 
15:46:54.0376 0x03b4 COMSysApp - ok 15:46:54.0376 0x03b4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 15:46:54.0392 0x03b4 crcdisk - ok 15:46:54.0423 0x03b4 [ B1962E21F74697AB442FA4432B970E85, DADE4C90624EC928699246785E3DF73D795B5C68834FCD99D3063AD647423D12 ] CryptSvc C:\Windows\system32\cryptsvc.dll 15:46:54.0470 0x03b4 CryptSvc - ok 15:46:54.0548 0x03b4 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 15:46:54.0641 0x03b4 CSC - ok 15:46:54.0735 0x03b4 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 15:46:54.0797 0x03b4 CscService - ok 15:46:54.0828 0x03b4 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll 15:46:54.0860 0x03b4 DcomLaunch - ok 15:46:54.0891 0x03b4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 15:46:54.0938 0x03b4 defragsvc - ok 15:46:54.0969 0x03b4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 15:46:55.0000 0x03b4 DfsC - ok 15:46:55.0031 0x03b4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 15:46:55.0078 0x03b4 Dhcp - ok 15:46:55.0094 0x03b4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 15:46:55.0140 0x03b4 discache - ok 15:46:55.0156 0x03b4 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk 
C:\Windows\system32\drivers\disk.sys 15:46:55.0172 0x03b4 Disk - ok 15:46:55.0203 0x03b4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 15:46:55.0250 0x03b4 Dnscache - ok 15:46:55.0281 0x03b4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 15:46:55.0328 0x03b4 dot3svc - ok 15:46:55.0359 0x03b4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 15:46:55.0437 0x03b4 DPS - ok 15:46:55.0452 0x03b4 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 15:46:55.0515 0x03b4 drmkaud - ok 15:46:55.0562 0x03b4 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 15:46:55.0608 0x03b4 DXGKrnl - ok 15:46:55.0640 0x03b4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 15:46:55.0686 0x03b4 EapHost - ok 15:46:55.0827 0x03b4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 15:46:55.0920 0x03b4 ebdrv - ok 15:46:55.0952 0x03b4 [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] EFS C:\Windows\System32\lsass.exe 15:46:55.0983 0x03b4 EFS - ok 15:46:56.0045 0x03b4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 15:46:56.0108 0x03b4 ehRecvr - ok 15:46:56.0139 0x03b4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched 
C:\Windows\ehome\ehsched.exe 15:46:56.0154 0x03b4 ehSched - ok 15:46:56.0186 0x03b4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 15:46:56.0217 0x03b4 elxstor - ok 15:46:56.0248 0x03b4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 15:46:56.0295 0x03b4 ErrDev - ok 15:46:56.0326 0x03b4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 15:46:56.0373 0x03b4 EventSystem - ok 15:46:56.0498 0x03b4 [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] Everything C:\Program Files\Everything\Everything.exe 15:46:56.0560 0x03b4 Everything - detected UnsignedFile.Multi.Generic ( 1 ) 15:46:56.0669 0x03b4 Detect skipped due to KSN trusted 15:46:56.0669 0x03b4 Everything - ok 15:46:56.0700 0x03b4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 15:46:56.0778 0x03b4 exfat - ok 15:46:56.0794 0x03b4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 15:46:56.0825 0x03b4 fastfat - ok 15:46:56.0981 0x03b4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 15:46:57.0028 0x03b4 Fax - ok 15:46:57.0044 0x03b4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 15:46:57.0059 0x03b4 fdc - ok 15:46:57.0075 0x03b4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 15:46:57.0122 0x03b4 
fdPHost - ok 15:46:57.0122 0x03b4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 15:46:57.0184 0x03b4 FDResPub - ok 15:46:57.0200 0x03b4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 15:46:57.0215 0x03b4 FileInfo - ok 15:46:57.0231 0x03b4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 15:46:57.0262 0x03b4 Filetrace - ok 15:46:57.0278 0x03b4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 15:46:57.0293 0x03b4 flpydisk - ok 15:46:57.0324 0x03b4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 15:46:57.0340 0x03b4 FltMgr - ok 15:46:57.0418 0x03b4 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 15:46:57.0465 0x03b4 FontCache - ok 15:46:57.0496 0x03b4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:46:57.0496 0x03b4 FontCache3.0.0.0 - ok 15:46:57.0512 0x03b4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:46:57.0527 0x03b4 FsDepends - ok 15:46:57.0543 0x03b4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:46:57.0558 0x03b4 Fs_Rec - ok 15:46:57.0590 0x03b4 [ 8F6322049018354F45F05A2FD2D4E5E0, 
73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:46:57.0621 0x03b4 fvevol - ok 15:46:57.0621 0x03b4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 15:46:57.0636 0x03b4 gagp30kx - ok 15:46:57.0668 0x03b4 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys 15:46:57.0683 0x03b4 gdrv - ok 15:46:57.0730 0x03b4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 15:46:57.0761 0x03b4 GEARAspiWDM - ok 15:46:57.0824 0x03b4 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 15:46:57.0886 0x03b4 gpsvc - ok 15:46:57.0964 0x03b4 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:46:58.0011 0x03b4 gupdate - ok 15:46:58.0026 0x03b4 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:46:58.0042 0x03b4 gupdatem - ok 15:46:58.0073 0x03b4 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 15:46:58.0104 0x03b4 gusvc - ok 15:46:58.0120 0x03b4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:46:58.0151 0x03b4 hcw85cir - ok 15:46:58.0167 0x03b4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService 
C:\Windows\system32\drivers\HdAudio.sys 15:46:58.0214 0x03b4 HdAudAddService - ok 15:46:58.0229 0x03b4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 15:46:58.0276 0x03b4 HDAudBus - ok 15:46:58.0276 0x03b4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 15:46:58.0307 0x03b4 HidBatt - ok 15:46:58.0323 0x03b4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 15:46:58.0354 0x03b4 HidBth - ok 15:46:58.0370 0x03b4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 15:46:58.0401 0x03b4 HidIr - ok 15:46:58.0416 0x03b4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 15:46:58.0463 0x03b4 hidserv - ok 15:46:58.0479 0x03b4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 15:46:58.0510 0x03b4 HidUsb - ok 15:46:58.0526 0x03b4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 15:46:58.0572 0x03b4 hkmsvc - ok 15:46:58.0619 0x03b4 [ 0E0685EC6CC55FAD8F65FB1A0BF22B24, 3552838A20462B085B2787E5C2416BF6D37F6C4CAA662629C1C9042F60DFB775 ] hmpalert C:\Windows\system32\drivers\hmpalert.sys 15:46:58.0650 0x03b4 hmpalert - ok 15:46:58.0869 0x03b4 [ 9660A9DD4D9E3B103894FAAD4FDD6CE9, C967DA56D093251F0D0CE55CA38B893E7C76181D2E6E323BB5081ADDD4672E97 ] hmpalertsvc C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe 15:46:59.0009 0x03b4 hmpalertsvc - ok 15:46:59.0040 0x03b4 [ BD56D284C7703765D473E7095B38770F, 
2921F3C97815D62137D65B03661505EEA870663055D6F7E607A75E428B681D59 ] hmpnet C:\Windows\system32\drivers\hmpnet.sys 15:46:59.0072 0x03b4 hmpnet - ok 15:46:59.0103 0x03b4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:46:59.0134 0x03b4 HomeGroupListener - ok 15:46:59.0150 0x03b4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:46:59.0181 0x03b4 HomeGroupProvider - ok 15:46:59.0290 0x03b4 [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 15:46:59.0337 0x03b4 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 ) 15:46:59.0462 0x03b4 Detect skipped due to KSN trusted 15:46:59.0462 0x03b4 hpqcxs08 - ok 15:46:59.0508 0x03b4 [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 15:46:59.0540 0x03b4 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 ) 15:46:59.0649 0x03b4 Detect skipped due to KSN trusted 15:46:59.0649 0x03b4 hpqddsvc - ok 15:46:59.0680 0x03b4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 15:46:59.0742 0x03b4 HpSAMD - ok 15:46:59.0867 0x03b4 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Users\Frank\AppData\Local\Temp\7zS5093\hpslpsvc64.dll 15:46:59.0914 0x03b4 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 ) 15:47:00.0023 0x03b4 Detect skipped due to KSN trusted 15:47:00.0023 0x03b4 HPSLPSVC - ok 15:47:00.0070 0x03b4 [ 83B7C57901235297A702348394B460A5, FE47A2C19BD5DFEBC0830944E7F3FB67BAC0F09265DD56C74C2CB8000883ABBF ] 
HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 15:47:00.0101 0x03b4 HPSupportSolutionsFrameworkService - ok 15:47:00.0148 0x03b4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:47:00.0195 0x03b4 HTTP - ok 15:47:00.0226 0x03b4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:47:00.0242 0x03b4 hwpolicy - ok 15:47:00.0257 0x03b4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 15:47:00.0288 0x03b4 i8042prt - ok 15:47:00.0320 0x03b4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:47:00.0351 0x03b4 iaStorV - ok 15:47:00.0413 0x03b4 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 15:47:00.0429 0x03b4 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 15:47:00.0522 0x03b4 Detect skipped due to KSN trusted 15:47:00.0522 0x03b4 IDriverT - ok 15:47:00.0616 0x03b4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:47:00.0663 0x03b4 idsvc - ok 15:47:00.0678 0x03b4 IEEtwCollectorService - ok 15:47:00.0741 0x03b4 [ AC9EBDE25DB39A35E1CEB0441BA7A464, 6C53EC55E8FB4B23FE418613DC3458B4E0D2828304A478D57D992A3048899435 ] IGDCTRL C:\Program Files\FRITZ!DSL\IGDCTRL.EXE 15:47:00.0756 0x03b4 IGDCTRL - ok 15:47:00.0772 0x03b4 [ 5C18831C61933628F5BB0EA2675B9D21, 
5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 15:47:00.0788 0x03b4 iirsp - ok 15:47:00.0850 0x03b4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 15:47:00.0897 0x03b4 IKEEXT - ok 15:47:00.0928 0x03b4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 15:47:00.0944 0x03b4 intelide - ok 15:47:00.0959 0x03b4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 15:47:00.0975 0x03b4 intelppm - ok 15:47:01.0006 0x03b4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:47:01.0053 0x03b4 IPBusEnum - ok 15:47:01.0068 0x03b4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:47:01.0100 0x03b4 IpFilterDriver - ok 15:47:01.0146 0x03b4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:47:01.0178 0x03b4 iphlpsvc - ok 15:47:01.0209 0x03b4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:47:01.0240 0x03b4 IPMIDRV - ok 15:47:01.0256 0x03b4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:47:01.0302 0x03b4 IPNAT - ok 15:47:01.0396 0x03b4 [ 9C9D71CC6705176731EA5672F1648BB7, F44C7CAFAE09F09AFE1D17C7284D98AFBC7B322B5FB79F7D4C20EF862BF2E81F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 15:47:01.0427 0x03b4 iPod 
04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:47:15.0046 0x03b4 Tcpip - ok 15:47:15.0108 0x03b4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:47:15.0171 0x03b4 TCPIP6 - ok 15:47:15.0186 0x03b4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:47:15.0202 0x03b4 tcpipreg - ok 15:47:15.0233 0x03b4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:47:15.0264 0x03b4 TDPIPE - ok 15:47:15.0280 0x03b4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:47:15.0296 0x03b4 TDTCP - ok 15:47:15.0311 0x03b4 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:47:15.0342 0x03b4 tdx - ok 15:47:15.0374 0x03b4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 15:47:15.0389 0x03b4 TermDD - ok 15:47:15.0420 0x03b4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 15:47:15.0467 0x03b4 TermService - ok 15:47:15.0498 0x03b4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 15:47:15.0514 0x03b4 Themes - ok 15:47:15.0545 0x03b4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 15:47:15.0576 0x03b4 THREADORDER - ok 
15:47:15.0608 0x03b4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 15:47:15.0639 0x03b4 TrkWks - ok 15:47:15.0686 0x03b4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:47:15.0732 0x03b4 TrustedInstaller - ok 15:47:15.0748 0x03b4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:47:15.0779 0x03b4 tssecsrv - ok 15:47:15.0795 0x03b4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 15:47:15.0826 0x03b4 TsUsbFlt - ok 15:47:15.0857 0x03b4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:47:15.0904 0x03b4 tunnel - ok 15:47:15.0935 0x03b4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 15:47:15.0951 0x03b4 uagp35 - ok 15:47:15.0982 0x03b4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:47:16.0029 0x03b4 udfs - ok 15:47:16.0044 0x03b4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:47:16.0060 0x03b4 UI0Detect - ok 15:47:16.0076 0x03b4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 15:47:16.0091 0x03b4 uliagpkx - ok 15:47:16.0122 0x03b4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus 
C:\Windows\system32\drivers\umbus.sys 15:47:16.0138 0x03b4 umbus - ok 15:47:16.0154 0x03b4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 15:47:16.0169 0x03b4 UmPass - ok 15:47:16.0232 0x03b4 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 15:47:16.0310 0x03b4 UmRdpService - ok 15:47:16.0372 0x03b4 [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys 15:47:16.0403 0x03b4 UnlockerDriver5 - ok 15:47:16.0434 0x03b4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 15:47:16.0481 0x03b4 upnphost - ok 15:47:16.0512 0x03b4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:47:16.0544 0x03b4 usbccgp - ok 15:47:16.0575 0x03b4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:47:16.0590 0x03b4 usbcir - ok 15:47:16.0606 0x03b4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 15:47:16.0622 0x03b4 usbehci - ok 15:47:16.0637 0x03b4 [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 15:47:16.0653 0x03b4 usbfilter - ok 15:47:16.0700 0x03b4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:47:16.0715 0x03b4 usbhub - ok 15:47:16.0746 0x03b4 [ 765A92D428A8DB88B960DA5A8D6089DC, 
56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 15:47:16.0778 0x03b4 usbohci - ok 15:47:16.0809 0x03b4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 15:47:16.0824 0x03b4 usbprint - ok 15:47:16.0840 0x03b4 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS 15:47:16.0887 0x03b4 USBSTOR - ok 15:47:16.0902 0x03b4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 15:47:16.0934 0x03b4 usbuhci - ok 15:47:16.0965 0x03b4 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 15:47:17.0027 0x03b4 usb_rndisx - ok 15:47:17.0027 0x03b4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 15:47:17.0090 0x03b4 UxSms - ok 15:47:17.0105 0x03b4 [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] VaultSvc C:\Windows\system32\lsass.exe 15:47:17.0121 0x03b4 VaultSvc - ok 15:47:17.0136 0x03b4 VBoxNetFlt - ok 15:47:17.0152 0x03b4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 15:47:17.0168 0x03b4 vdrvroot - ok 15:47:17.0214 0x03b4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 15:47:17.0261 0x03b4 vds - ok 15:47:17.0292 0x03b4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:47:17.0324 0x03b4 vga - 
ok 15:47:17.0339 0x03b4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 15:47:17.0370 0x03b4 VgaSave - ok 15:47:17.0402 0x03b4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 15:47:17.0417 0x03b4 vhdmp - ok 15:47:17.0480 0x03b4 [ 574B29F436C4C63D37020C6E570A7528, 9FC5D4DBC1FE270303142DB5538EF7E2C5D1EAC8723684DA9C6680164E138336 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys 15:47:17.0526 0x03b4 VIAHdAudAddService - detected UnsignedFile.Multi.Generic ( 1 ) 15:47:17.0620 0x03b4 Detect skipped due to KSN trusted 15:47:17.0620 0x03b4 VIAHdAudAddService - ok 15:47:17.0651 0x03b4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 15:47:17.0698 0x03b4 viaide - ok 15:47:17.0745 0x03b4 [ C69A784BEC737CD7460EBF3C3834D65E, 3D4CEC9E677FD6B08BE43DC19B3E422D403137E26A3B72443A513CD4AE5F41A2 ] vidsflt53 C:\Windows\system32\DRIVERS\vsflt53.sys 15:47:17.0760 0x03b4 vidsflt53 - ok 15:47:17.0776 0x03b4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:47:17.0792 0x03b4 volmgr - ok 15:47:17.0823 0x03b4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:47:17.0854 0x03b4 volmgrx - ok 15:47:17.0870 0x03b4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:47:17.0901 0x03b4 volsnap - ok 15:47:17.0948 0x03b4 [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys 15:47:17.0994 0x03b4 vpcbus 
- ok 15:47:18.0010 0x03b4 [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys 15:47:18.0041 0x03b4 vpcnfltr - ok 15:47:18.0057 0x03b4 [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys 15:47:18.0088 0x03b4 vpcusb - ok 15:47:18.0119 0x03b4 [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys 15:47:18.0150 0x03b4 vpcvmm - ok 15:47:18.0166 0x03b4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 15:47:18.0182 0x03b4 vsmraid - ok 15:47:18.0260 0x03b4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 15:47:18.0353 0x03b4 VSS - ok 15:47:18.0369 0x03b4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 15:47:18.0384 0x03b4 vwifibus - ok 15:47:18.0416 0x03b4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 15:47:18.0462 0x03b4 W32Time - ok 15:47:18.0478 0x03b4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 15:47:18.0494 0x03b4 WacomPen - ok 15:47:18.0525 0x03b4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:47:18.0556 0x03b4 WANARP - ok 15:47:18.0572 0x03b4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 
C:\Windows\system32\DRIVERS\wanarp.sys 15:47:18.0618 0x03b4 Wanarpv6 - ok 15:47:18.0681 0x03b4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 15:47:18.0806 0x03b4 WatAdminSvc - ok 15:47:18.0884 0x03b4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 15:47:18.0962 0x03b4 wbengine - ok 15:47:18.0977 0x03b4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:47:19.0008 0x03b4 WbioSrvc - ok 15:47:19.0040 0x03b4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:47:19.0071 0x03b4 wcncsvc - ok 15:47:19.0086 0x03b4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:47:19.0118 0x03b4 WcsPlugInService - ok 15:47:19.0133 0x03b4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 15:47:19.0149 0x03b4 Wd - ok 15:47:19.0196 0x03b4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:47:19.0227 0x03b4 Wdf01000 - ok 15:47:19.0258 0x03b4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:47:19.0289 0x03b4 WdiServiceHost - ok 15:47:19.0289 0x03b4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:47:19.0305 0x03b4 WdiSystemHost - ok 15:47:19.0336 0x03b4 [ 4E89FC53493704BF835F0300DC201C34, 
FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 15:47:19.0367 0x03b4 WebClient - ok 15:47:19.0398 0x03b4 [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:47:19.0445 0x03b4 Wecsvc - ok 15:47:19.0461 0x03b4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:47:19.0492 0x03b4 wercplsupport - ok 15:47:19.0508 0x03b4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 15:47:19.0570 0x03b4 WerSvc - ok 15:47:19.0586 0x03b4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:47:19.0617 0x03b4 WfpLwf - ok 15:47:19.0632 0x03b4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 15:47:19.0648 0x03b4 WIMMount - ok 15:47:19.0664 0x03b4 WinDefend - ok 15:47:19.0695 0x03b4 WinHttpAutoProxySvc - ok 15:47:19.0742 0x03b4 [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:47:19.0773 0x03b4 Winmgmt - ok 15:47:19.0898 0x03b4 [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM C:\Windows\system32\WsmSvc.dll 15:47:20.0007 0x03b4 WinRM - ok 15:47:20.0069 0x03b4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 15:47:20.0085 0x03b4 WinUsb - ok 15:47:20.0132 0x03b4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc 
C:\Windows\System32\wlansvc.dll 15:47:20.0178 0x03b4 Wlansvc - ok 15:47:20.0210 0x03b4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:47:20.0225 0x03b4 WmiAcpi - ok 15:47:20.0241 0x03b4 [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:47:20.0256 0x03b4 wmiApSrv - ok 15:47:20.0288 0x03b4 WMPNetworkSvc - ok 15:47:20.0303 0x03b4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:47:20.0334 0x03b4 WPCSvc - ok 15:47:20.0366 0x03b4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:47:20.0397 0x03b4 WPDBusEnum - ok 15:47:20.0428 0x03b4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:47:20.0459 0x03b4 ws2ifsl - ok 15:47:20.0475 0x03b4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 15:47:20.0506 0x03b4 wscsvc - ok 15:47:20.0506 0x03b4 WSearch - ok 15:47:20.0662 0x03b4 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll 15:47:20.0787 0x03b4 wuauserv - ok 15:47:20.0802 0x03b4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:47:20.0834 0x03b4 WudfPf - ok 15:47:20.0865 0x03b4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:47:20.0896 0x03b4 WUDFRd - ok 15:47:20.0912 0x03b4 [ 
B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:47:20.0927 0x03b4 wudfsvc - ok 15:47:20.0958 0x03b4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 15:47:20.0990 0x03b4 WwanSvc - ok 15:47:21.0005 0x03b4 ================ Scan global =============================== 15:47:21.0036 0x03b4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 15:47:21.0068 0x03b4 [ 9A4F78635634A939EF3B02003E44657B, F24359B8ECB3EF506C190928B81830CCE0D8C3C4B420A8149379DC6F03042A4C ] C:\Windows\system32\winsrv.dll 15:47:21.0068 0x03b4 [ 9A4F78635634A939EF3B02003E44657B, F24359B8ECB3EF506C190928B81830CCE0D8C3C4B420A8149379DC6F03042A4C ] C:\Windows\system32\winsrv.dll 15:47:21.0099 0x03b4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 15:47:21.0130 0x03b4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 15:47:21.0130 0x03b4 [ Global ] - ok 15:47:21.0130 0x03b4 ================ Scan MBR ================================== 15:47:21.0146 0x03b4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 15:47:21.0458 0x03b4 \Device\Harddisk0\DR0 - ok 15:47:21.0473 0x03b4 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1 15:47:21.0645 0x03b4 \Device\Harddisk1\DR1 - ok 15:47:21.0645 0x03b4 ================ Scan VBR ================================== 15:47:21.0660 0x03b4 [ FB4A74CA8D113310B5936CE8F9A6CD0A ] \Device\Harddisk0\DR0\Partition1 15:47:21.0660 0x03b4 \Device\Harddisk0\DR0\Partition1 - ok 15:47:21.0660 0x03b4 [ 32670C0832F42FD55291BC8D411F2CE2 ] \Device\Harddisk0\DR0\Partition2 15:47:21.0660 0x03b4 \Device\Harddisk0\DR0\Partition2 - ok 
15:47:21.0676 0x03b4 [ 9695018C54CD56E74659A09C4A7C4CBA ] \Device\Harddisk0\DR0\Partition3 15:47:21.0676 0x03b4 \Device\Harddisk0\DR0\Partition3 - ok 15:47:21.0692 0x03b4 [ 7B77ED01ECAF618144D338845767B65B ] \Device\Harddisk0\DR0\Partition4 15:47:21.0692 0x03b4 \Device\Harddisk0\DR0\Partition4 - ok 15:47:21.0692 0x03b4 [ F5BB09B1EB3EECDC39DAD0DF9CEC71F6 ] \Device\Harddisk1\DR1\Partition1 15:47:21.0707 0x03b4 \Device\Harddisk1\DR1\Partition1 - ok 15:47:21.0707 0x03b4 [ DC777ECD93A7C82972A7758B4236447E ] \Device\Harddisk1\DR1\Partition2 15:47:21.0707 0x03b4 \Device\Harddisk1\DR1\Partition2 - ok 15:47:21.0707 0x03b4 ================ Scan generic autorun ====================== 15:47:21.0801 0x03b4 [ 7444E0F4C9991AE3711F5FAB5DB257E1, C87EA79AE840F6579AB6C34C44E7059E3489B95E7300394D265353F62B7FA43F ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe 15:47:21.0832 0x03b4 avgnt - ok 15:47:21.0926 0x03b4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 15:47:21.0988 0x03b4 Sidebar - ok 15:47:22.0019 0x03b4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 15:47:22.0035 0x03b4 mctadmin - ok 15:47:22.0066 0x03b4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 15:47:22.0113 0x03b4 Sidebar - ok 15:47:22.0128 0x03b4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 15:47:22.0144 0x03b4 mctadmin - ok 15:47:22.0191 0x03b4 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 15:47:22.0253 0x03b4 Sidebar - ok 15:47:22.0394 0x03b4 [ 7034D09742E4E2639E0D20FA6E46B95F, 
7948A81270F31089244DBEBE61948DD4FB3BCBB3FF9BFF0FE2E0B9015E767196 ] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe 15:47:22.0456 0x03b4 FileHippo.com - detected UnsignedFile.Multi.Generic ( 1 ) 15:47:22.0581 0x03b4 Detect skipped due to KSN trusted 15:47:22.0581 0x03b4 FileHippo.com - ok 15:47:22.0581 0x03b4 Waiting for KSN requests completion. In queue: 136 15:47:23.0626 0x03b4 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.18.351 ), 0x41000 ( enabled : updated ) 15:47:23.0626 0x03b4 Win FW state via NFP2: enabled ( trusted ) 15:47:23.0751 0x03b4 ============================================================ 15:47:23.0751 0x03b4 Scan finished 15:47:23.0751 0x03b4 ============================================================ 15:47:23.0766 0x08ec Detected object count: 0 15:47:23.0766 0x08ec Actual detected object count: 0 15:47:42.0689 0x14d8 ============================================================ 15:47:42.0689 0x14d8 Scan started 15:47:42.0689 0x14d8 Mode: Manual; SigCheck; TDLFS; 15:47:42.0689 0x14d8 ============================================================ 15:47:42.0689 0x14d8 KSN ping started 15:47:42.0736 0x14d8 KSN ping finished: true 15:47:44.0234 0x14d8 ================ Scan system memory ======================== 15:47:44.0234 0x14d8 System memory - ok 15:47:44.0234 0x14d8 ================ Scan services ============================= 15:47:44.0280 0x14d8 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 15:47:44.0374 0x14d8 !SASCORE - ok 15:47:44.0499 0x14d8 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 15:47:44.0561 0x14d8 1394ohci - ok 15:47:44.0577 0x14d8 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI 
C:\Windows\system32\drivers\ACPI.sys 15:47:44.0592 0x14d8 ACPI - ok 15:47:44.0624 0x14d8 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 15:47:44.0639 0x14d8 AcpiPmi - ok 15:47:44.0717 0x14d8 [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 15:47:44.0733 0x14d8 AdobeARMservice - ok 15:47:44.0811 0x14d8 [ 328708CB8CDADD9C284B4E33E2B19904, 037854C773AA9C7A542A4ED04D61F6BDD10C933EE9BA98D7DD7DB128EC915970 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 15:47:44.0826 0x14d8 AdobeFlashPlayerUpdateSvc - ok 15:47:44.0873 0x14d8 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 15:47:44.0889 0x14d8 adp94xx - ok 15:47:44.0904 0x14d8 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 15:47:44.0936 0x14d8 adpahci - ok 15:47:44.0951 0x14d8 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 15:47:44.0967 0x14d8 adpu320 - ok 15:47:44.0998 0x14d8 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 15:47:45.0014 0x14d8 AeLookupSvc - ok 15:47:45.0045 0x14d8 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 15:47:45.0076 0x14d8 AFD - ok 15:47:45.0092 0x14d8 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 15:47:45.0107 0x14d8 agp440 
- ok 15:47:45.0138 0x14d8 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 15:47:45.0154 0x14d8 ALG - ok 15:47:45.0170 0x14d8 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 15:47:45.0185 0x14d8 aliide - ok 15:47:45.0216 0x14d8 [ 6BF0147A7A924E5A3AE049A95ECC9B34, 129F0E0FD165C66FEAAA9438F91001AD89AEF39CD655FE60973B7E97146A12C6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 15:47:45.0248 0x14d8 AMD External Events Utility - ok 15:47:45.0294 0x14d8 [ 82D9B39F69F577729829C94C93856928, C1328F7F7D3C916785201DDAC09E732151402CB31E82FB8144E83522A9D3F942 ] AMD FUEL Service C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe 15:47:45.0310 0x14d8 AMD FUEL Service - detected UnsignedFile.Multi.Generic ( 1 ) 15:47:45.0310 0x14d8 Detect skipped due to KSN trusted 15:47:45.0310 0x14d8 AMD FUEL Service - ok 15:47:45.0326 0x14d8 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 15:47:45.0341 0x14d8 amdide - ok 15:47:45.0357 0x14d8 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys 15:47:45.0372 0x14d8 amdiox64 - ok 15:47:45.0388 0x14d8 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 15:47:45.0404 0x14d8 AmdK8 - ok 15:47:45.0419 0x14d8 amdkmdag - ok 15:47:45.0450 0x14d8 [ 50228D17A34A1E5CF93084A6AE70870B, BF8967C3178F4BC2DF2DDAF272C9598B6E53E6C312B7304D44AC66E3592C63D1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 15:47:45.0482 0x14d8 amdkmdap - ok 15:47:45.0497 0x14d8 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM 
C:\Windows\system32\DRIVERS\amdppm.sys 15:47:45.0513 0x14d8 AmdPPM - ok 15:47:45.0528 0x14d8 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 15:47:45.0544 0x14d8 amdsata - ok 15:47:45.0560 0x14d8 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 15:47:45.0591 0x14d8 amdsbs - ok 15:47:45.0591 0x14d8 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 15:47:45.0606 0x14d8 amdxata - ok 15:47:45.0731 0x14d8 [ 00A59103080736D67F7226446CFB1E2C, 7E52530D60AE52233B5B6876020C7A4245FAE26455A876EC2D699C196327426B ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe 15:47:45.0762 0x14d8 AntiVirMailService - ok 15:47:45.0809 0x14d8 [ BB3BAB4F1502328C4FB6CCA3C8114F39, 342DA11EA47208E03FA4256BEC3EF392382C2EBD702B1A69BF89AD9755A7D362 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe 15:47:45.0840 0x14d8 AntiVirSchedulerService - ok 15:47:45.0903 0x14d8 [ BB3BAB4F1502328C4FB6CCA3C8114F39, 342DA11EA47208E03FA4256BEC3EF392382C2EBD702B1A69BF89AD9755A7D362 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe 15:47:45.0950 0x14d8 AntiVirService - ok 15:47:46.0043 0x14d8 [ 256EE2A3AA545C6E3B160A8C5DB0088F, B4464E9B5927D3894CEDC2D861B66372F6D5D7E6CFE40A9C1DC781B1730AC306 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe 15:47:46.0090 0x14d8 AntiVirWebService - ok 15:47:46.0106 0x14d8 AODDriver4.0 - ok 15:47:46.0106 0x14d8 AODDriver4.01 - ok 15:47:46.0106 0x14d8 AODDriver4.2.0 - ok 15:47:46.0137 0x14d8 [ C3D487827E48CC5EC17994FEC5BDFF87, Geändert von buju (31.07.2016 um 15:12 Uhr) |
01.08.2016, 12:29 | #7 |
| A memory modification was detected... (AviraPro) - hidden driver The log was too long, here is part 2: Code:
C:\Windows\system32\DRIVERS\mouclass.sys 15:47:55.0871 0x14d8 mouclass - ok 15:47:55.0887 0x14d8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:47:55.0902 0x14d8 mouhid - ok 15:47:55.0918 0x14d8 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:47:55.0934 0x14d8 mountmgr - ok 15:47:55.0980 0x14d8 [ CDA5E0CA6BAB59A38B0E6820B9A34CAB, 8F7B04CFBB08CFE357F1DF861A77EFA75EC26777E1272542BACAC1C0A3047DBE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:47:55.0996 0x14d8 MozillaMaintenance - ok 15:47:56.0012 0x14d8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 15:47:56.0043 0x14d8 mpio - ok 15:47:56.0043 0x14d8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:47:56.0090 0x14d8 mpsdrv - ok 15:47:56.0136 0x14d8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:47:56.0183 0x14d8 MpsSvc - ok 15:47:56.0199 0x14d8 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:47:56.0230 0x14d8 MRxDAV - ok 15:47:56.0246 0x14d8 [ 15734008BB9E11AC603B3F4187B91FF1, 39A3B6DBC0DC68A3767D03537DF15AF600C6DFA2448338B5BE08B43AC2ABFC49 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:47:56.0261 0x14d8 mrxsmb - ok 15:47:56.0292 0x14d8 [ 6DFF8C84C6BA5CF58811B5F4AFD28AF0, 79ABA1E96FC072E816B754F2B33B9E613D4E82A0F9C0276A87922C0238DBCFDC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:47:56.0324 0x14d8 mrxsmb10 - ok 15:47:56.0339 0x14d8 [ 
2D5C914682813F166FA1DA0FFCCF757E, 4FE2411CC0D57727E454CE2A456C1F70916682E4648EACCC394B97D45E0F36A6 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:47:56.0355 0x14d8 mrxsmb20 - ok 15:47:56.0386 0x14d8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 15:47:56.0402 0x14d8 msahci - ok 15:47:56.0433 0x14d8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:47:56.0448 0x14d8 msdsm - ok 15:47:56.0448 0x14d8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 15:47:56.0480 0x14d8 MSDTC - ok 15:47:56.0480 0x14d8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:47:56.0511 0x14d8 Msfs - ok 15:47:56.0526 0x14d8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:47:56.0558 0x14d8 mshidkmdf - ok 15:47:56.0589 0x14d8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 15:47:56.0604 0x14d8 msisadrv - ok 15:47:56.0620 0x14d8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:47:56.0667 0x14d8 MSiSCSI - ok 15:47:56.0667 0x14d8 msiserver - ok 15:47:56.0667 0x14d8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:47:56.0714 0x14d8 MSKSSRV - ok 15:47:56.0714 0x14d8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK 
C:\Windows\system32\drivers\MSPCLOCK.sys 15:47:56.0745 0x14d8 MSPCLOCK - ok 15:47:56.0760 0x14d8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:47:56.0792 0x14d8 MSPQM - ok 15:47:56.0870 0x14d8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:47:56.0901 0x14d8 MsRPC - ok 15:47:56.0916 0x14d8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 15:47:56.0932 0x14d8 mssmbios - ok 15:47:56.0932 0x14d8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:47:56.0979 0x14d8 MSTEE - ok 15:47:56.0979 0x14d8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 15:47:56.0994 0x14d8 MTConfig - ok 15:47:57.0026 0x14d8 [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 15:47:57.0026 0x14d8 MTsensor - ok 15:47:57.0041 0x14d8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 15:47:57.0057 0x14d8 Mup - ok 15:47:57.0104 0x14d8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 15:47:57.0150 0x14d8 napagent - ok 15:47:57.0166 0x14d8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:47:57.0182 0x14d8 NativeWifiP - ok 15:47:57.0244 0x14d8 [ F7309F42555F8AAB7144A51A1F2585B0, 
065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:47:57.0275 0x14d8 NDIS - ok 15:47:57.0291 0x14d8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:47:57.0322 0x14d8 NdisCap - ok 15:47:57.0322 0x14d8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:47:57.0369 0x14d8 NdisTapi - ok 15:47:57.0384 0x14d8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:47:57.0431 0x14d8 Ndisuio - ok 15:47:57.0447 0x14d8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:47:57.0494 0x14d8 NdisWan - ok 15:47:57.0509 0x14d8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:47:57.0540 0x14d8 NDProxy - ok 15:47:57.0572 0x14d8 [ D5AC41AE382738483FAFFBD7E373D49A, 68793D15566F387650E9C5010E1CA73BDE3EB4BA431EA0A1673004CAE08413B0 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 15:47:57.0572 0x14d8 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 15:47:57.0587 0x14d8 Detect skipped due to KSN trusted 15:47:57.0587 0x14d8 Net Driver HPZ12 - ok 15:47:57.0587 0x14d8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:47:57.0634 0x14d8 NetBIOS - ok 15:47:57.0650 0x14d8 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:47:57.0665 0x14d8 NetBT - ok 15:47:57.0681 0x14d8 [ 28F0F20D3747E2FFC2EA305D1B63D31E, 
0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] Netlogon C:\Windows\system32\lsass.exe 15:47:57.0696 0x14d8 Netlogon - ok 15:47:57.0728 0x14d8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 15:47:57.0759 0x14d8 Netman - ok 15:47:57.0806 0x14d8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:47:57.0852 0x14d8 NetMsmqActivator - ok 15:47:57.0868 0x14d8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:47:57.0884 0x14d8 NetPipeActivator - ok 15:47:57.0899 0x14d8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 15:47:57.0946 0x14d8 netprofm - ok 15:47:57.0946 0x14d8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:47:57.0962 0x14d8 NetTcpActivator - ok 15:47:57.0977 0x14d8 [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:47:57.0993 0x14d8 NetTcpPortSharing - ok 15:47:57.0993 0x14d8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 15:47:58.0008 0x14d8 nfrd960 - ok 15:47:58.0040 0x14d8 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 15:47:58.0071 0x14d8 NlaSvc - ok 15:47:58.0071 0x14d8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, 
D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:47:58.0118 0x14d8 Npfs - ok 15:47:58.0118 0x14d8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 15:47:58.0164 0x14d8 nsi - ok 15:47:58.0164 0x14d8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:47:58.0211 0x14d8 nsiproxy - ok 15:47:58.0274 0x14d8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:47:58.0336 0x14d8 Ntfs - ok 15:47:58.0352 0x14d8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 15:47:58.0383 0x14d8 Null - ok 15:47:58.0398 0x14d8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:47:58.0414 0x14d8 nvraid - ok 15:47:58.0430 0x14d8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:47:58.0461 0x14d8 nvstor - ok 15:47:58.0476 0x14d8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:47:58.0492 0x14d8 nv_agp - ok 15:47:58.0523 0x14d8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:47:58.0539 0x14d8 ohci1394 - ok 15:47:58.0820 0x14d8 [ E5CD07C8B079284DC62EFBE4CCA2ECAF, C6D6EEBA132B4047D927C7288CF49F97C204C3E0F6392591E783069E682D91B3 ] OO DiskImage C:\Program Files\OO Software\DiskImage\oodiag.exe 15:47:59.0022 0x14d8 OO DiskImage - ok 15:47:59.0069 0x14d8 [ 
C904C08F6D3528A90EE18931E9D7823B, 5060286FE4BE98D0063C50826883E841897E168B5D0FFD4E1103B96EA5AD6C92 ] oodisr C:\Windows\system32\DRIVERS\oodisr.sys 15:47:59.0085 0x14d8 oodisr - ok 15:47:59.0085 0x14d8 [ C1CA04648A407581DE1F984D471D96C8, 03C3B3EA429C28DA5EA432E233615CA751F955967A9D68FF9C43B57B0EB72A17 ] oodisrh C:\Windows\system32\DRIVERS\oodisrh.sys 15:47:59.0100 0x14d8 oodisrh - ok 15:47:59.0132 0x14d8 [ E02B3E97F4ADADDB65A180EFC7017756, B9C6E8C4A3B2FFC05849F0484512057D6B159147F9FB90EC1E3CE25D90E3B0C0 ] oodivd C:\Windows\system32\DRIVERS\oodivd.sys 15:47:59.0147 0x14d8 oodivd - ok 15:47:59.0163 0x14d8 [ FF25E17C5DCDB980437E393519BBC92D, 1C383C4710123C0C0AE17D2E4AEB2D37BBC88B97DE89EF26AE8FCDEC0039D2F2 ] oodivdh C:\Windows\system32\DRIVERS\oodivdh.sys 15:47:59.0178 0x14d8 oodivdh - ok 15:47:59.0210 0x14d8 [ 7B2FD92550C937DBDADCC39854A1A6E5, 7AB1FAEF087585963751BDD2485FEE34A73915C25015504D961B102D80178DCB ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:47:59.0241 0x14d8 ose - ok 15:47:59.0459 0x14d8 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:47:59.0600 0x14d8 osppsvc - ok 15:47:59.0631 0x14d8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:47:59.0646 0x14d8 p2pimsvc - ok 15:47:59.0678 0x14d8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 15:47:59.0709 0x14d8 p2psvc - ok 15:47:59.0724 0x14d8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 15:47:59.0740 0x14d8 Parport - ok 15:47:59.0756 0x14d8 [ E9766131EEADE40A27DC27D2D68FBA9C, 
63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:47:59.0771 0x14d8 partmgr - ok 15:47:59.0802 0x14d8 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:47:59.0834 0x14d8 PcaSvc - ok 15:47:59.0849 0x14d8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 15:47:59.0865 0x14d8 pci - ok 15:47:59.0880 0x14d8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 15:47:59.0896 0x14d8 pciide - ok 15:47:59.0927 0x14d8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 15:47:59.0943 0x14d8 pcmcia - ok 15:47:59.0958 0x14d8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 15:47:59.0974 0x14d8 pcw - ok 15:48:00.0005 0x14d8 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:48:00.0036 0x14d8 PEAUTH - ok 15:48:00.0099 0x14d8 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 15:48:00.0146 0x14d8 PeerDistSvc - ok 15:48:00.0224 0x14d8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:48:00.0270 0x14d8 PerfHost - ok 15:48:00.0348 0x14d8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 15:48:00.0411 0x14d8 pla - ok 15:48:00.0473 0x14d8 [ 4808ACE4B2C161AF2667F6C1AC45B434, 
7C8F570721BA9827D2F4E5E48545D8A062484783091D7B1340BEE1F78AC90117 ] PlaysService C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe 15:48:00.0489 0x14d8 PlaysService - ok 15:48:00.0504 0x14d8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:48:00.0536 0x14d8 PlugPlay - ok 15:48:00.0567 0x14d8 [ 37F6046CDC630442D7DC087501FF6FC6, EFC0F3DA49839CA263CD95AE5015F4FC554D9D845A58A699C542C8C96E70ED3C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 15:48:00.0567 0x14d8 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 ) 15:48:00.0567 0x14d8 Detect skipped due to KSN trusted 15:48:00.0567 0x14d8 Pml Driver HPZ12 - ok 15:48:00.0582 0x14d8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:48:00.0598 0x14d8 PNRPAutoReg - ok 15:48:00.0614 0x14d8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:48:00.0645 0x14d8 PNRPsvc - ok 15:48:00.0676 0x14d8 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:48:00.0707 0x14d8 PolicyAgent - ok 15:48:00.0723 0x14d8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 15:48:00.0770 0x14d8 Power - ok 15:48:00.0785 0x14d8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:48:00.0832 0x14d8 PptpMiniport - ok 15:48:00.0848 0x14d8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:48:00.0863 0x14d8 Processor - ok 15:48:00.0863 0x14d8 PROCEXP151 - ok 
15:48:00.0894 0x14d8 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 15:48:00.0926 0x14d8 ProfSvc - ok 15:48:00.0926 0x14d8 [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] ProtectedStorage C:\Windows\system32\lsass.exe 15:48:00.0941 0x14d8 ProtectedStorage - ok 15:48:00.0972 0x14d8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:48:01.0004 0x14d8 Psched - ok 15:48:01.0066 0x14d8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 15:48:01.0113 0x14d8 ql2300 - ok 15:48:01.0128 0x14d8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 15:48:01.0144 0x14d8 ql40xx - ok 15:48:01.0175 0x14d8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 15:48:01.0206 0x14d8 QWAVE - ok 15:48:01.0238 0x14d8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:48:01.0284 0x14d8 QWAVEdrv - ok 15:48:01.0284 0x14d8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:48:01.0316 0x14d8 RasAcd - ok 15:48:01.0331 0x14d8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:48:01.0378 0x14d8 RasAgileVpn - ok 15:48:01.0394 0x14d8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto 
C:\Windows\System32\rasauto.dll 15:48:01.0425 0x14d8 RasAuto - ok 15:48:01.0456 0x14d8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:48:01.0487 0x14d8 Rasl2tp - ok 15:48:01.0518 0x14d8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 15:48:01.0565 0x14d8 RasMan - ok 15:48:01.0581 0x14d8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:48:01.0612 0x14d8 RasPppoe - ok 15:48:01.0628 0x14d8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:48:01.0659 0x14d8 RasSstp - ok 15:48:01.0690 0x14d8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:48:01.0737 0x14d8 rdbss - ok 15:48:01.0737 0x14d8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 15:48:01.0752 0x14d8 rdpbus - ok 15:48:01.0768 0x14d8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:48:01.0799 0x14d8 RDPCDD - ok 15:48:01.0830 0x14d8 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 15:48:01.0846 0x14d8 RDPDR - ok 15:48:01.0846 0x14d8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:48:01.0877 0x14d8 RDPENCDD - ok 15:48:01.0893 0x14d8 [ 216F3FA57533D98E1F74DED70113177A, 
60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:48:01.0924 0x14d8 RDPREFMP - ok 15:48:01.0955 0x14d8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 15:48:01.0986 0x14d8 RdpVideoMiniport - ok 15:48:02.0018 0x14d8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:48:02.0049 0x14d8 RDPWD - ok 15:48:02.0080 0x14d8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:48:02.0096 0x14d8 rdyboost - ok 15:48:02.0111 0x14d8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:48:02.0158 0x14d8 RemoteAccess - ok 15:48:02.0174 0x14d8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:48:02.0205 0x14d8 RemoteRegistry - ok 15:48:02.0220 0x14d8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:48:02.0267 0x14d8 RpcEptMapper - ok 15:48:02.0283 0x14d8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 15:48:02.0298 0x14d8 RpcLocator - ok 15:48:02.0314 0x14d8 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll 15:48:02.0345 0x14d8 RpcSs - ok 15:48:02.0361 0x14d8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 
15:48:02.0408 0x14d8 rspndr - ok 15:48:02.0408 0x14d8 [ 28F0F20D3747E2FFC2EA305D1B63D31E, 0027D944908429F03EDB4DBF1FFA25AF24E7CC84A3E3BE49CE5E646EFFB19E5B ] SamSs C:\Windows\system32\lsass.exe 15:48:02.0439 0x14d8 SamSs - ok 15:48:02.0439 0x14d8 SANDRA - ok 15:48:02.0470 0x14d8 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 15:48:02.0470 0x14d8 SASDIFSV - ok 15:48:02.0486 0x14d8 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 15:48:02.0486 0x14d8 SASKUTIL - ok 15:48:02.0532 0x14d8 [ ECADB026023BF6E200A552E4EA700F47, 3BE40D99EF0229EC69E584D2351806F77A523EF362CC5094066DC4B9F7EB002A ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 15:48:02.0595 0x14d8 SbieDrv - ok 15:48:02.0595 0x14d8 [ 6E78D6CA33ECE9C7F0A7B0775198BA4D, 81F07C1D64FD66BFC0DC817045175EBA2096EC38D5D57584D114283DFA5899F4 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 15:48:02.0626 0x14d8 SbieSvc - ok 15:48:02.0642 0x14d8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:48:02.0657 0x14d8 sbp2port - ok 15:48:02.0673 0x14d8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:48:02.0720 0x14d8 SCardSvr - ok 15:48:02.0735 0x14d8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:48:02.0766 0x14d8 scfilter - ok 15:48:02.0829 0x14d8 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 15:48:02.0876 0x14d8 Schedule - ok 15:48:02.0907 0x14d8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 
15:48:11.0160 0x14d8 FileHippo.com - detected UnsignedFile.Multi.Generic ( 1 )
15:48:11.0160 0x14d8 Detect skipped due to KSN trusted
15:48:11.0160 0x14d8 FileHippo.com - ok
15:48:11.0160 0x14d8 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.18.351 ), 0x41000 ( enabled : updated )
15:48:11.0160 0x14d8 Win FW state via NFP2: enabled ( trusted )
15:48:11.0285 0x14d8 ============================================================
15:48:11.0285 0x14d8 Scan finished
15:48:11.0285 0x14d8 ============================================================
15:48:11.0301 0x1904 Detected object count: 0
15:48:11.0301 0x1904 Actual detected object count: 0
Are we done already, or is there still something to do? Thanks! Regards, buju |
01.08.2016, 12:38 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | A memory modification was detected... (AviraPro) - hidden driver
I don't see anything there... but feel free to run MBAR once more:
Malwarebytes Anti-Rootkit (MBAR)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for one post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files in a CODE box, proceed as follows:
__________________ Please always post log files in CODE tags |
01.08.2016, 13:42 | #9 |
| A memory modification was detected... (AviraPro) - hidden driver
Hi cosinus, here is the log from MBAR:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version: main: v2016.08.01.06 rootkit: v2016.05.27.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18376
Frank :: FRANK-PC [administrator]
01.08.2016 14:20:17
mbar-log-2016-08-01 (14-20-17).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 322893
Time elapsed: 19 minute(s), 16 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
(end)
What matters much more to me, though, is your opinion on it. Thanks for that! Regards, buju |
01.08.2016, 14:16 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | A memory modification was detected... (AviraPro) - hidden driver
yes, there was nothing there
__________________ Please always post log files in CODE tags |
01.08.2016, 15:55 | #11 |
| A memory modification was detected... (AviraPro) - hidden driver
Hi cosinus, then I thank you very warmly! A virus-free time to us all. Regards, buju |