| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Eset findet 6 TrojanerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
27.12.2016, 12:25
| #1 |
 |  Windows 7: Eset findet 6 Trojaner Hallo, zunächst vielen Dank für die Hilfe! Der PC meines Vaters wurde sehr langsam und stürzte ab. malwarebite fand drei unerwünschte Anwendungen, die ich dann gelöscht habe. Als das Problem nicht gelöst war, habe ich Eset heruntergeladen, das 18 unerwünschte Anwendingen fand. Dann war ich wohl zu schnell und habe sie alle gelöscht - das Problem blieb. Hier die gewünschten Dateien: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 durchgeführt von PC (Administrator) auf PC-PC (27-12-2016 11:50:54) Gestartet von C:\Users\PC\Downloads\msvcp120 Geladene Profile: PC & (Verfügbare Profile: PC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (SPEEDbit) C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-09] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [26832 2016-12-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira System Speedup Tray] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [159568 2016-12-13] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\...\Run: [Firefox] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [510920 2016-12-14] (Mozilla Corporation) HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\...\Run: [Thunderbird] => C:\Windows.old.000\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [491464 2016-12-17] (Mozilla Corporation) HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\...\Run: [SpeedBitVideoAccelerator] => C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe [1517224 2016-03-18] (SPEEDbit) HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Firefox] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [510920 2016-12-14] (Mozilla Corporation) HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Thunderbird] => C:\Windows.old.000\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [491464 2016-12-17] (Mozilla Corporation) HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpeedBitVideoAccelerator] => C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe [1517224 2016-03-18] (SPEEDbit) IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\videoaccelerator.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-12-26] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Balke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-10-01] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Balke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2016-12-26] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2016-12-01] ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2016-12-26] ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 09 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 10 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Winsock: Catalog9 21 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{708ACFE3-B12D-4B7A-8537-6C3F9EB3BE6F}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-21] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-21] (Oracle Corporation) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security) Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 [2016-12-27] FF user.js: detected! => C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\user.js [2015-12-23] FF NewTab: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> hxxps://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p10_serp_ff_de_display?ie=UTF8&tagbase=bds-p10&tbrId=v1_abb-channel-10_09c29ee9_1201_1401_20160811_DE_ff_nt_ FF DefaultSearchEngine: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> Qwant FF DefaultSearchUrl: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> hxxp://go.speedbit.com/search.aspx?s=G3Ib&q= FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> Amazon FF SelectedSearchEngine: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> Speedbit Search FF Homepage: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> about:home FF Keyword.URL: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> hxxp://go.speedbit.com/search.aspx?s=G3Ib&q= FF Extension: (friGate - unlock sites) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\Extensions\e67f8350-7edf-11e3-baa7-0800200c9a66@fri-gate.org.xpi [2016-05-07] FF Extension: (Video DownloadHelper) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-20] FF Extension: (Adblock Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\searchplugins\qwant.xml [2016-01-11] FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\searchplugins\startpage---deutsch.xml [2016-03-19] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx StartMenuInternet: Google Chrome - Chrome.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-11-09] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-14] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-14] (Avira Operations GmbH & Co. KG) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe [329480 2016-12-14] (McAfee, Inc.) R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35416 2016-12-13] (Avira Operations GmbH & Co. KG) R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2016-11-30] (McAfee, Inc.) R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-11-30] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-11-30] (McAfee, Inc.) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4788496 2016-11-25] (AVG Technologies CZ, s.r.o.) R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [56080 2016-11-25] (AVG Technologies CZ, s.r.o.) R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [48912 2016-11-25] (AVG Technologies CZ, s.r.o.) R2 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [298152 2016-03-18] (SPEEDbit) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-14] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-11] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-27] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.) U2 SBUpd; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-12-27 11:50 - 2016-12-27 11:50 - 00000000 ____D C:\FRST 2016-12-26 14:32 - 2016-12-26 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2016-12-24 11:03 - 2016-12-24 11:03 - 00000000 ____D C:\Program Files (x86)\ESET 2016-12-19 08:14 - 2016-12-26 14:32 - 00000000 ____D C:\Program Files\McAfee Security Scan 2016-12-17 22:20 - 2016-12-18 00:42 - 00080884 _____ C:\Windows\SysWOW64\MyDefrag.dat 2016-12-17 22:14 - 2016-12-17 22:14 - 00000000 ____D C:\Users\PC\AppData\Local\AviraSpeedup 2016-12-15 11:53 - 2016-12-26 14:28 - 00000000 ____D C:\Users\Public\Speedup Sessions 2016-12-14 11:27 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-12-14 11:27 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-12-14 11:27 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-12-14 11:27 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-12-14 11:27 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-12-14 11:27 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-12-14 11:27 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-12-14 11:27 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2016-12-14 11:27 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-12-14 11:27 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-12-14 11:27 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-12-14 11:27 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-12-14 11:27 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-12-14 11:27 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-12-14 11:27 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-12-14 11:27 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2016-12-14 11:27 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-12-14 11:27 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-12-14 11:27 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-12-14 11:27 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-12-14 11:27 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-12-14 11:27 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-12-14 11:27 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-12-14 11:27 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-12-14 11:27 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-12-14 11:27 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-12-14 11:27 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2016-12-14 11:27 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-12-14 11:27 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-12-14 11:27 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-12-14 11:27 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-12-14 11:27 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-12-14 11:27 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-12-14 11:27 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-12-14 11:27 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-12-14 11:27 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-14 11:27 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-12-14 11:27 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-12-14 11:27 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-12-14 11:27 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-14 11:27 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-12-14 11:27 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-12-14 11:27 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-12-14 11:27 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-12-14 11:27 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-12-14 11:27 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-14 11:27 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-12-14 11:27 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-12-14 11:27 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-12-14 11:27 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-12-14 11:27 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-12-14 11:27 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-12-14 11:27 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-12-14 11:27 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-12-14 11:27 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-12-14 11:27 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-12-14 11:27 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-12-14 11:27 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-12-14 11:27 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-12-14 11:27 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-12-14 11:27 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-12-14 11:27 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-12-14 11:27 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-12-14 11:27 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-12-14 11:27 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-12-14 11:27 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-12-14 11:27 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-12-14 11:27 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-14 11:27 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-12-14 11:27 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-12-14 11:27 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-12-14 11:27 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-12-14 11:27 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-12-14 11:27 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-12-14 11:27 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-12-14 11:27 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-12-14 11:27 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-12-14 11:27 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-12-14 11:27 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-14 11:27 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-12-14 11:27 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-12-14 11:27 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-12-14 11:27 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-12-14 11:27 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-12-14 11:27 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-12-14 11:27 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-12-14 11:27 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-14 11:27 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-14 11:27 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-12-14 11:27 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-12-14 11:27 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-12-14 11:27 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-12-14 11:27 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-12-14 11:27 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2016-12-14 11:27 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-12-14 11:27 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-12-14 11:27 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2016-12-14 11:27 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2016-12-14 11:27 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2016-12-14 11:27 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-12-14 11:27 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-12-14 11:27 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2016-12-14 11:27 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2016-12-14 11:27 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2016-12-14 11:27 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2016-12-14 11:27 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-12-14 11:27 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-12-14 11:27 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-12-14 11:27 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2016-12-14 11:27 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2016-12-14 11:27 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-12-14 11:27 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-12-14 11:27 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-12-14 11:27 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-12-14 11:27 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-12-14 11:27 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-12-14 11:27 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-12-14 11:27 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-12-14 11:27 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll 2016-12-14 11:27 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-12-14 11:27 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-12-14 11:27 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-12-14 11:27 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-12-14 11:27 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-12-14 11:27 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-12-14 11:27 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-12-14 11:27 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-12-14 11:27 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-12-14 11:27 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-12-14 11:27 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe 2016-12-14 11:27 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-12-14 11:27 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-12-14 11:27 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-12-14 11:27 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-12-14 11:27 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-12-14 11:27 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-12-14 11:27 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls 2016-12-14 11:27 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls 2016-12-14 11:27 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-12-14 11:27 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-12-14 11:27 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-12-14 11:27 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-12-14 11:27 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-12-14 11:27 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-12-14 11:27 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-12-14 11:27 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-12-14 11:27 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2016-12-14 11:26 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-12-14 11:26 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-12-14 11:26 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-12-14 11:26 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-12-14 11:26 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-12-14 11:26 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-12-14 11:26 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-12-14 11:26 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-12-14 11:26 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2016-12-14 11:26 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2016-12-08 16:47 - 2016-12-08 16:47 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk 2016-11-30 16:58 - 2016-12-15 11:53 - 00001219 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk 2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-12-27 11:50 - 2016-08-11 21:56 - 00000000 ____D C:\Users\PC\Downloads\msvcp120 2016-12-27 11:49 - 2009-07-14 05:45 - 00021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-27 11:49 - 2009-07-14 05:45 - 00021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-27 08:47 - 2015-10-16 22:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-12-26 19:38 - 2016-06-10 16:30 - 00000462 _____ C:\Windows\Tasks\ParetoLogic Registration3.job 2016-12-26 14:43 - 2016-09-20 20:56 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2016-12-26 14:32 - 2016-02-10 08:13 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2016-12-26 14:28 - 2016-11-20 08:28 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla 2016-12-26 14:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-24 21:25 - 2016-08-31 21:10 - 00000000 ____D C:\Users\PC\Documents\Bendix 2016-12-24 17:48 - 2013-03-20 16:28 - 00000000 ____D C:\Users\Balke\AppData\Local\iLivid 2016-12-23 20:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Resources 2016-12-22 08:37 - 2016-06-02 20:55 - 00000000 ____D C:\Program Files (x86)\McAfee 2016-12-22 08:36 - 2016-04-27 14:53 - 00000000 ____D C:\Program Files\TrueKey 2016-12-21 16:39 - 2016-04-27 15:02 - 00001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk 2016-12-19 18:41 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-18 00:42 - 2016-09-15 16:17 - 00140418 _____ C:\Windows\SysWOW64\Defrag.debuglog 2016-12-17 22:21 - 2015-10-21 09:15 - 00004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-12-17 22:21 - 2015-10-16 22:13 - 00003696 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager 2016-12-17 09:31 - 2016-07-29 06:25 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 09:31 - 2015-12-17 22:19 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-16 22:06 - 2012-02-04 11:51 - 00000000 ____D C:\Users\PC\Documents\PhotoEd 2016-12-15 12:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2016-12-15 11:53 - 2015-10-28 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-12-15 11:53 - 2015-10-28 17:51 - 00000000 ____D C:\Program Files (x86)\Avira 2016-12-14 22:54 - 2016-05-06 21:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-14 22:54 - 2015-10-15 07:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-14 22:06 - 2016-07-18 15:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-14 21:44 - 2016-10-06 07:22 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys 2016-12-14 21:44 - 2015-10-28 17:54 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-12-14 21:44 - 2015-10-28 17:54 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-12-14 17:33 - 2015-10-17 21:20 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe 2016-12-14 17:31 - 2016-07-18 15:25 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-12-14 17:31 - 2015-10-19 15:22 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-14 17:31 - 2015-10-19 15:22 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-14 17:31 - 2015-10-19 15:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-14 17:31 - 2015-10-19 15:22 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-14 17:24 - 2010-11-21 07:50 - 00699462 _____ C:\Windows\system32\perfh007.dat 2016-12-14 17:24 - 2010-11-21 07:50 - 00149602 _____ C:\Windows\system32\perfc007.dat 2016-12-14 17:24 - 2009-07-14 06:13 - 01620812 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-14 17:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-14 17:16 - 2009-07-14 05:45 - 00340360 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-14 12:22 - 2015-10-14 18:15 - 00000000 ____D C:\Windows\system32\MRT 2016-12-14 12:19 - 2015-10-14 18:15 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-12-14 12:17 - 2015-12-18 09:50 - 01594156 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2016-12-10 17:20 - 2015-10-14 10:41 - 00000000 ____D C:\Windows.old.000 2016-12-08 16:47 - 2015-10-28 17:51 - 00000000 ____D C:\ProgramData\Package Cache 2016-12-01 23:12 - 2016-09-21 20:54 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client 2016-12-01 23:12 - 2016-09-21 14:20 - 00001129 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk 2016-12-01 23:12 - 2016-09-21 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client 2016-12-01 23:05 - 2012-03-04 16:19 - 00000000 ____D C:\Users\PC\Texte ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-02-16 07:37 - 2016-02-16 07:37 - 0431616 ____N () C:\Program Files\CEWE FOTOIMPORTER.exe 2016-02-16 07:37 - 2016-02-16 07:37 - 0229376 ____N () C:\Program Files\CEWE FOTOSCHAU.exe 2016-02-16 07:37 - 2016-02-16 07:37 - 0016384 ____N () C:\Program Files\gpuprobe.exe 2016-02-16 07:37 - 2016-02-16 07:37 - 5404672 ____N () C:\Program Files\Mein CEWE FOTOBUCH.exe 2016-08-11 21:56 - 2016-08-11 13:14 - 0660128 _____ (Microsoft Corporation) C:\Program Files\msvcp120.dll 2016-08-11 07:04 - 2016-08-11 07:04 - 0199671 _____ () C:\Program Files (x86)\msvcp120.zip 2016-08-12 20:29 - 2016-08-12 20:29 - 0001166 _____ () C:\Program Files (x86)\vcredist_x86 - Verknüpfung.lnk ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-12-24 20:02 ==================== Ende von FRST.txt === Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von PC (27-12-2016 11:51:45)
Gestartet von C:\Users\PC\Downloads\msvcp120
Windows 7 Home Premium Service Pack 1 (X64) (2015-10-14 09:19:14)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1501792886-3384884554-2704517135-500 - Administrator - Disabled)
Gast (S-1-5-21-1501792886-3384884554-2704517135-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1501792886-3384884554-2704517135-1003 - Limited - Enabled)
PC (S-1-5-21-1501792886-3384884554-2704517135-1000 - Administrator - Enabled) => C:\Users\PC
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1-Click PC Tuneup (HKLM-x32\...\1-Click PC Tuneup) (Version: F:\1clickTuneup\build\oneclick.exe - Vitarsoft Corporation)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{CE42CFF5-F477-D440-6CFB-6CBAE0008B91}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.63.2.50050 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.63.4 - AVG Technologies) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.1.0.4242 - Avira Operations GmbH & Co. KG)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
EPSON Easy Photo Print (HKLM-x32\...\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}) (Version: 1.2.3.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.11.110.1 - Intel Security)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.474.2 - McAfee, Inc.)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.1.3 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mozilla Thunderbird 45.5.1 (x86 de) (HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla)
Mozilla Thunderbird 45.5.1 (x86 de) (HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla)
PIF DESIGNER (HKLM-x32\...\{B90450DF-E781-46FD-B1F1-0C86DA40E443}) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0776D7CE-5405-4D6E-AE88-385B45B9E3EA} - System32\Tasks\{305175E0-3461-405B-B56B-A49BD5DBB315} => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2016-12-06] (AVG Technologies CZ, s.r.o.)
Task: {15AD885A-78A4-4F5C-BE03-7121A8FBEE3B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {17EE6412-0D5D-4A9B-9990-DA468BBC0F1D} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {1F2A6E02-F7D5-46AE-BEA5-031812053CD7} - System32\Tasks\{1ACAD4E6-2FB8-4C8A-A5FD-F92F7C1ADE01} => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2016-12-06] (AVG Technologies CZ, s.r.o.)
Task: {20A5CE53-33A2-4F5F-A141-DEEF1C5414A3} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation)
Task: {228403F9-EFE7-4786-9771-D4B5218C02DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-17] (Google Inc.)
Task: {33FDB15B-4E07-4A5A-9102-ED47ACD32196} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {40E23B5D-368B-4E59-B357-0230C6172D3C} - System32\Tasks\{A3B49289-E3D5-4049-A083-4E4890EC392E} => C:\Program Files\Vitarsoft\1-Click PC Tuneup\PCtuneup.exe [2013-03-09] (Vitarsoft)
Task: {5EBB9670-8D09-4FDF-9FF7-177BC4B4DA79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-17] (Google Inc.)
Task: {A2A5F4B3-E3EC-40C0-88D7-AF93F622B3C5} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {B1B61AD5-0D83-461D-8BFD-A3BCCB3A8634} - System32\Tasks\{5452F968-0C34-416A-A03E-0B5F8C7BAEC9} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe [2015-10-05] (Malwarebytes)
Task: {B324921B-3B63-4D5A-B33D-F421CF870339} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-11-25] (AVG Technologies CZ, s.r.o.)
Task: {B5B1575F-617E-4A10-864E-F1A678B906C6} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {C7517279-344F-42FE-959E-39C24692286A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {D7E1C81E-DB44-43FC-8691-620E2FD91442} - System32\Tasks\{259FDB5E-6C93-4D19-804F-656F00579B0A} => C:\Program Files\Vitarsoft\1-Click PC Tuneup\PCtuneup.exe [2013-03-09] (Vitarsoft)
Task: {DDABBB45-B655-46A7-BBCD-5C99D475D27C} - System32\Tasks\{2BC080A6-B983-49C6-BD39-DF7F955A5A46} => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2016-12-06] (AVG Technologies CZ, s.r.o.)
Task: {E0466576-A0C7-466E-826D-17E374DA0757} - System32\Tasks\{62EA9BC3-D3DE-43E7-B429-AB0FA61B6992} => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2016-12-06] (AVG Technologies CZ, s.r.o.)
Task: {E2875857-E254-4FA8-8B14-704040A6FA37} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {F0F67EC2-CFBF-4AAE-AF37-A44199081729} - System32\Tasks\Vitarsoft_1_Click_PC_Tuneup_Update => C:\Program Files\Vitarsoft\1-Click PC Tuneup\update.exe [2013-03-09] (Vitarsoft)
Task: {F2DCE893-6039-47E7-9C48-5112716B7DA8} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => rundll32.exe C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\Vitarsoft_1_Click_PC_Tuneup_Update.job => C:\Program Files\Vitarsoft\1-Click PC Tuneup\update.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-11-28 17:47 - 2016-11-28 17:46 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A5A99030-04D3-406B-9B49-2FFA5BDF5E22}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E113D91F-F65F-4DCB-94C1-02BF873E7E53}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE509530-6147-4C33-9836-E826174F5CCC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E7E95471-F389-498C-990B-E61EE733F78C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
19-12-2016 22:46:44 Vitarsoft
26-12-2016 14:38:46 Windows-Sicherung
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/26/2016 02:53:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\pc\downloads\msvcp120\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (12/26/2016 02:29:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/24/2016 11:03:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\msvcp120\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (12/24/2016 11:03:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\msvcp120\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (12/23/2016 08:44:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/22/2016 08:38:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/21/2016 04:37:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/19/2016 10:52:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/19/2016 10:09:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/19/2016 06:47:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Systemfehler:
=============
Error: (12/26/2016 07:38:56 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (12/26/2016 07:38:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.
Error: (12/24/2016 09:21:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/24/2016 07:36:20 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/24/2016 07:35:58 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (12/24/2016 05:49:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (12/24/2016 05:49:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\PC\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (12/24/2016 05:49:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (12/24/2016 05:49:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\PC\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (12/24/2016 05:49:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
CodeIntegrity:
===================================
Date: 2016-12-23 20:02:34.884
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-23 20:02:34.734
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-23 20:02:34.564
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-23 20:00:28.010
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10240.16384_none_d7cab6266329c783\Windows.Devices.Perception.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-23 20:00:27.821
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10240.16384_none_d7cab6266329c783\Windows.Devices.Perception.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-23 20:00:27.626
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10240.16384_none_d7cab6266329c783\Windows.Devices.Perception.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-23 20:00:18.086
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.10240.16431_none_510c5232f65d3fa4\GamePanel.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-23 20:00:17.926
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.10240.16431_none_510c5232f65d3fa4\GamePanel.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-23 20:00:17.716
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.10240.16431_none_510c5232f65d3fa4\GamePanel.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2016-12-23 19:58:35.369
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_microsoft-windows-edp-audit_31bf3856ad364e35_10.0.10240.16384_none_7777f253b03d948e\edpauditapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: AMD A4-3400 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 3581.22 MB
Verfügbarer physikalischer RAM: 1375.24 MB
Summe virtueller Speicher: 7160.63 MB
Verfügbarer virtueller Speicher: 4074.45 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:467.45 GB) (Free:383.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Sicherung) (Fixed) (Total:449.07 GB) (Free:219.36 GB) NTFS
Drive j: () (Fixed) (Total:465.76 GB) (Free:302.68 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AA6F3D90)
Partition 1: (Not Active) - (Size=467.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.1 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=15 GB) - (Type=27)
========================================================
Disk: 5 (Size: 465.8 GB) (Disk ID: D663720F)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter C:\Windows.old.000\Documents and Settings\Balke\AppData\Roaming\Mozilla\Firefox\Profiles\49axp4k2.default-1366129795280\extensions\e5ffxtbr@www.productivityboss.com\bootstrap.js JS/Mindspark.C evtl. unerwünschte Anwendung
C:\Windows.old.000\ProgramData\InstallMate\{9C9673A6-147E-4B58-A9B3-5C5C47755150}\_Setupx.dll Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung
C:\Windows.old.000\Users\All Users\InstallMate\{9C9673A6-147E-4B58-A9B3-5C5C47755150}\_Setupx.dll Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung
C:\Windows.old.000\Users\Balke\Anwendungsdaten\Mozilla\Firefox\Profiles\49axp4k2.default-1366129795280\extensions\e5ffxtbr@www.productivityboss.com\bootstrap.js JS/Mindspark.C evtl. unerwünschte Anwendung
C:\Windows.old.000\Users\Balke\AppData\Roaming\Mozilla\Firefox\Profiles\49axp4k2.default-1366129795280\extensions\e5ffxtbr@www.productivityboss.com\bootstrap.js JS/Mindspark.C evtl. unerwünschte Anwendung
C:\Program Files\Common Files\SpeedBit\SBUpdate\sba.exe Variante von Win64/SBWatchman.B evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbei32.dll Variante von Win32/SBWatchman.A evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbei64.dll Variante von Win64/SBWatchman.A evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi32.dll Variante von Win32/SBWatchman.A evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi64.dll Variante von Win64/SBWatchman.A evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbi32.exe Variante von Win32/SBWatchman.A evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbi64.exe Variante von MSIL/SBWatchman.A evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Program Files (x86)\Common Files\SpeedBit\SBUpdate\AAAA Variante von Win32/SpeedBit.K evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Users\Balke\AppData\Local\iLivid\Helper.dll Variante von Win32/Toolbar.SearchSuite.W evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Users\PC\Downloads\va33.exe Variante von Win32/SpeedBit.K evtl. unerwünschte Anwendung gelöscht
C:\Windows.old.000\Documents and Settings\All Users\InstallMate\{9C9673A6-147E-4B58-A9B3-5C5C47755150}\_Setupx.dll Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Windows.old.000\Documents and Settings\Balke\Anwendungsdaten\Mozilla\Firefox\Profiles\49axp4k2.default-1366129795280\extensions\e5ffxtbr@www.productivityboss.com\bootstrap.js JS/Mindspark.C evtl. unerwünschte Anwendung Gesäubert durch Löschen
C:\Windows.old.000\Program Files (x86)\WxDownload\uninstall.exe Variante von Win32/SProtector.B evtl. unerwünschte Anwendung gelöscht
Mit freundlichen Grüßen, BigBen17 Geändert von cosinus (27.12.2016 um 12:33 Uhr) Grund: CODE-Tags |
|
27.12.2016, 12:35
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 7: Eset findet 6 Trojaner Hi,
__________________Zitat:
Und Logs werden grundsätzlich in CODE-Tags gepostet, nicht einfach so rein.  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
27.12.2016, 13:54
| #3 |
| | Windows 7: Eset findet 6 Trojaner Hallo Cosinus, es tut mir leid: Ich bin zum ersten Mal in einem solchen Computer-Forum und kenne mich damit bedauerlicherweise nicht aus.
__________________Malwarebytes hat die Logs nur von heute, nicht von den letzten Tagen gespeichert. Ich hatte mir von Hand aufgeschrieben, dass es PCKeeper, Bandoo und MindSpot gefunden und gelöscht hat (PUP.Optional). |
|
27.12.2016, 15:00
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Eset findet 6 Trojaner Du sollst die Logs posten, nicht irgendwelche Nacherzählungen, mit denen keiner so richtig was anfangen kann  Wenn du keine Ahnung hast solltest du auch eigentlich nicht ohne Anleitungen irgendwelche Tools ausführen. Die Logs von MBAM findest du im Verlauf.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
27.12.2016, 15:46
| #5 |
| | Windows 7: Eset findet 6 Trojaner Hallo, anscheinend hat mein Vater die Logs gelöscht, so wie Malewarebytes es freundlich vorschlägt ("Löschen/ Alles Löschen"). Sie finden sich auch nicht im entsprechenden Verzeichnis oder im Papierkorb. Nur als Beweis, dass ich den Verlauf durchaus finden kann: Malwarebytes Anti-Malware www.malwarebytes.org Update, 27.12.2016 13:27, SYSTEM, PC-PC, Scheduler, Failed, No Internet connection detected, Update, 27.12.2016 13:30, SYSTEM, PC-PC, Scheduler, IP Database, 2016.12.25.1, 2016.12.27.1, Update, 27.12.2016 13:30, SYSTEM, PC-PC, Scheduler, Domain Database, 2016.12.26.1, 2016.12.27.1, Update, 27.12.2016 13:30, SYSTEM, PC-PC, Scheduler, Malware Database, 2016.12.27.2, 2016.12.27.3, Protection, 27.12.2016 13:30, SYSTEM, PC-PC, Protection, Refresh, Starting, Protection, 27.12.2016 13:30, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopping, Protection, 27.12.2016 13:30, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopped, Protection, 27.12.2016 13:31, SYSTEM, PC-PC, Protection, Refresh, Success, Protection, 27.12.2016 13:31, SYSTEM, PC-PC, Protection, Malicious Website Protection, Starting, Protection, 27.12.2016 13:31, SYSTEM, PC-PC, Protection, Malicious Website Protection, Started, Update, 27.12.2016 15:21, SYSTEM, PC-PC, Scheduler, Domain Database, 2016.12.27.1, 2016.12.27.3, Protection, 27.12.2016 15:21, SYSTEM, PC-PC, Protection, Refresh, Starting, Protection, 27.12.2016 15:21, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopping, Protection, 27.12.2016 15:22, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopped, Protection, 27.12.2016 15:22, SYSTEM, PC-PC, Protection, Refresh, Success, Protection, 27.12.2016 15:22, SYSTEM, PC-PC, Protection, Malicious Website Protection, Starting, Protection, 27.12.2016 15:23, SYSTEM, PC-PC, Protection, Malicious Website Protection, Started, (end) Ich würde mich sehr freuen, wenn die "Goldene Regel 6" ("Wenn du etwas nicht verstehst, frage höflich nach. Wir erklären dir gerne, was du machen musst") für uns beide gelten könnte. |
|
28.12.2016, 09:19
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Eset findet 6 Trojaner Ja das ist dann schön blöd, denn so kann niemand sich mehr zu den Funden von MBAM äußern. Also da kannste du keine Info zu erwarten. Zitat:
Das mit den CODE-Tags zB  +++ WICHTIGER HINWEIS +++ Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache. Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung! Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben. Gelesen und verstanden? Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ --> Windows 7: Eset findet 6 Trojaner |
|
28.12.2016, 18:12
| #7 |
| | OK, versuchen wir´s Hallo, der Verlauf von MBAM wurde gestern leider von Avira System Speedup Pro gelöscht, passiert nicht noch einmal. Ich habe jetzt sichergestellt, dass - Antivir deinstalliert wurde - der infizierte PC nicht mehr online geht - keine weitere Anwendung betätigt oder verändert werden. Damit müssten alle Hinweise von Dir umgesetzt worden sein. |
|
29.12.2016, 10:08
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Eset findet 6 Trojaner Um den Rechner zu analysieren und zu bereinigen ist ein Gang ins Internet aber erforderlich. 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.12.2016, 12:03
| #9 |
| | Windows 7: Eset findet 6 TrojanerCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 29.12.2016 Suchlaufzeit: 10:15 Protokolldatei: MBAR.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.12.29.03 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: PC Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 325060 Abgelaufene Zeit: 9 Min., 20 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter 11:42:59.0715 0x1334 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
11:43:07.0327 0x1334 ============================================================
11:43:07.0327 0x1334 Current date / time: 2016/12/29 11:43:07.0327
11:43:07.0327 0x1334 SystemInfo:
11:43:07.0327 0x1334
11:43:07.0327 0x1334 OS Version: 6.1.7601 ServicePack: 1.0
11:43:07.0327 0x1334 Product type: Workstation
11:43:07.0327 0x1334 ComputerName: PC-PC
11:43:07.0327 0x1334 UserName: PC
11:43:07.0327 0x1334 Windows directory: C:\Windows
11:43:07.0327 0x1334 System windows directory: C:\Windows
11:43:07.0327 0x1334 Running under WOW64
11:43:07.0327 0x1334 Processor architecture: Intel x64
11:43:07.0327 0x1334 Number of processors: 2
11:43:07.0327 0x1334 Page size: 0x1000
11:43:07.0327 0x1334 Boot type: Normal boot
11:43:07.0327 0x1334 CodeIntegrityOptions = 0x00000001
11:43:07.0327 0x1334 ============================================================
11:43:15.0065 0x1334 KLMD registered as C:\Windows\system32\drivers\94819112.sys
11:43:15.0065 0x1334 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
11:43:16.0251 0x1334 System UUID: {77787518-603C-CF7E-04A7-C99401041361}
11:43:18.0669 0x1334 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:43:18.0684 0x1334 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:43:18.0731 0x1334 ============================================================
11:43:18.0731 0x1334 \Device\Harddisk0\DR0:
11:43:18.0731 0x1334 MBR partitions:
11:43:18.0731 0x1334 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A6E6000
11:43:18.0731 0x1334 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A6E6800, BlocksNum 0x38224800
11:43:18.0731 0x1334 \Device\Harddisk1\DR1:
11:43:18.0731 0x1334 MBR partitions:
11:43:18.0731 0x1334 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
11:43:18.0731 0x1334 ============================================================
11:43:19.0371 0x1334 C: <-> \Device\Harddisk0\DR0\Partition1
11:43:19.0714 0x1334 D: <-> \Device\Harddisk0\DR0\Partition2
11:43:19.0745 0x1334 J: <-> \Device\Harddisk1\DR1\Partition1
11:43:19.0745 0x1334 ============================================================
11:43:19.0745 0x1334 Initialize success
11:43:19.0745 0x1334 ============================================================
11:56:26.0414 0x1698 ============================================================
11:56:26.0414 0x1698 Scan started
11:56:26.0414 0x1698 Mode: Manual;
11:56:26.0414 0x1698 ============================================================
11:56:26.0414 0x1698 KSN ping started
11:56:26.0601 0x1698 KSN ping finished: false
11:56:28.0146 0x1698 ================ Scan system memory ========================
11:56:28.0146 0x1698 System memory - ok
11:56:28.0146 0x1698 ================ Scan services =============================
11:56:28.0333 0x1698 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
11:56:28.0333 0x1698 1394ohci - ok
11:56:28.0520 0x1698 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:56:28.0551 0x1698 ACPI - ok
11:56:28.0583 0x1698 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:56:28.0583 0x1698 AcpiPmi - ok
11:56:28.0692 0x1698 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:56:28.0692 0x1698 AdobeARMservice - ok
11:56:28.0817 0x1698 [ B79750091FC0842182FE49D263791294, 32FC260A74C9C45CD1E8998523642C285866378FCD9478FEFD15A0CC42EC0E0B ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:56:28.0832 0x1698 AdobeFlashPlayerUpdateSvc - ok
11:56:28.0879 0x1698 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
11:56:28.0895 0x1698 adp94xx - ok
11:56:28.0910 0x1698 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
11:56:28.0926 0x1698 adpahci - ok
11:56:28.0926 0x1698 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
11:56:28.0926 0x1698 adpu320 - ok
11:56:28.0988 0x1698 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:56:28.0988 0x1698 AeLookupSvc - ok
11:56:29.0066 0x1698 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
11:56:29.0082 0x1698 AFD - ok
11:56:29.0097 0x1698 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
11:56:29.0097 0x1698 agp440 - ok
11:56:29.0129 0x1698 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
11:56:29.0129 0x1698 ALG - ok
11:56:29.0160 0x1698 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
11:56:29.0160 0x1698 aliide - ok
11:56:29.0222 0x1698 [ 5EC60409BD50953BD4F892B18840039E, E02B6646E4A6A965DF9FB0A226487733F16D68EB88AE7D263A40067279190A9D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:56:29.0238 0x1698 AMD External Events Utility - ok
11:56:29.0316 0x1698 AMD FUEL Service - ok
11:56:29.0363 0x1698 [ 30BFEEE0DFFD5BD79D29157CF080DEED, D3176AA5CFD43CAE7180E9E51A2C76DC2AC02897CA730391A54F647D263ED4E0 ] amdhub30 C:\Windows\system32\DRIVERS\amdhub30.sys
11:56:29.0363 0x1698 amdhub30 - ok
11:56:29.0394 0x1698 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
11:56:29.0394 0x1698 amdide - ok
11:56:29.0409 0x1698 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
11:56:29.0409 0x1698 amdiox64 - ok
11:56:29.0425 0x1698 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
11:56:29.0425 0x1698 AmdK8 - ok
11:56:29.0737 0x1698 [ 322E5C178990F116F00E3D923F4E6B1C, 1D39F9C371C7988299D7183C31641971E0398191287D72CE87ECC38398890B50 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
11:56:30.0049 0x1698 amdkmdag - ok
11:56:30.0096 0x1698 [ 961A81A84FDD700E361E8294528A37BA, B0F1F6479EE607C4BEEF624375BF01F766EBAD3403E503714848DD5546A2DF64 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
11:56:30.0111 0x1698 amdkmdap - ok
11:56:30.0127 0x1698 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:56:30.0143 0x1698 AmdPPM - ok
11:56:30.0189 0x1698 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:56:30.0189 0x1698 amdsata - ok
11:56:30.0189 0x1698 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
11:56:30.0205 0x1698 amdsbs - ok
11:56:30.0205 0x1698 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:56:30.0221 0x1698 amdxata - ok
11:56:30.0252 0x1698 [ 321533578132C811EC834A1B741C994C, 82B62C52018655B8A596E1E503CB31F0FA581780425A9FF44BE1248C0F3D4B3E ] amdxhc C:\Windows\system32\DRIVERS\amdxhc.sys
11:56:30.0267 0x1698 amdxhc - ok
11:56:30.0314 0x1698 [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID C:\Windows\system32\drivers\appid.sys
11:56:30.0314 0x1698 AppID - ok
11:56:30.0330 0x1698 [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:56:30.0330 0x1698 AppIDSvc - ok
11:56:30.0345 0x1698 [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll
11:56:30.0345 0x1698 Appinfo - ok
11:56:30.0361 0x1698 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
11:56:30.0361 0x1698 arc - ok
11:56:30.0377 0x1698 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
11:56:30.0377 0x1698 arcsas - ok
11:56:30.0533 0x1698 [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:56:30.0533 0x1698 aspnet_state - ok
11:56:30.0564 0x1698 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:56:30.0564 0x1698 AsyncMac - ok
11:56:30.0579 0x1698 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
11:56:30.0579 0x1698 atapi - ok
11:56:30.0704 0x1698 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:56:30.0720 0x1698 AudioEndpointBuilder - ok
11:56:30.0751 0x1698 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:56:30.0751 0x1698 AudioSrv - ok
11:56:30.0907 0x1698 [ 77886F050DE9D0296B4BA7D7AD13A0BA, 132DADE478A11207984AF96A7049C872AFB02E46A5B4149050D3BC1A96F995ED ] avgsvc C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
11:56:30.0954 0x1698 avgsvc - ok
11:56:31.0110 0x1698 [ 14FCA1D1720A68C2D586940ABBE2DB3C, 274DB01CFD3024357602748FE36882ACE6BB3764A9FB62B2B40F9232B84A9B3E ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
11:56:31.0125 0x1698 Avira.ServiceHost - ok
11:56:31.0172 0x1698 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:56:31.0172 0x1698 AxInstSV - ok
11:56:31.0235 0x1698 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
11:56:31.0250 0x1698 b06bdrv - ok
11:56:31.0281 0x1698 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:56:31.0297 0x1698 b57nd60a - ok
11:56:31.0328 0x1698 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
11:56:31.0328 0x1698 BDESVC - ok
11:56:31.0344 0x1698 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
11:56:31.0344 0x1698 Beep - ok
11:56:31.0391 0x1698 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
11:56:31.0406 0x1698 BFE - ok
11:56:31.0469 0x1698 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
11:56:31.0484 0x1698 BITS - ok
11:56:31.0515 0x1698 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:56:31.0515 0x1698 blbdrive - ok
11:56:31.0547 0x1698 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:56:31.0547 0x1698 bowser - ok
11:56:31.0562 0x1698 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
11:56:31.0562 0x1698 BrFiltLo - ok
11:56:31.0578 0x1698 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
11:56:31.0578 0x1698 BrFiltUp - ok
11:56:31.0625 0x1698 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
11:56:31.0625 0x1698 Browser - ok
11:56:31.0640 0x1698 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:56:31.0640 0x1698 Brserid - ok
11:56:31.0656 0x1698 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:56:31.0656 0x1698 BrSerWdm - ok
11:56:31.0671 0x1698 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:56:31.0671 0x1698 BrUsbMdm - ok
11:56:31.0687 0x1698 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:56:31.0687 0x1698 BrUsbSer - ok
11:56:31.0703 0x1698 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
11:56:31.0703 0x1698 BTHMODEM - ok
11:56:31.0718 0x1698 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
11:56:31.0718 0x1698 bthserv - ok
11:56:31.0718 0x1698 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:56:31.0718 0x1698 cdfs - ok
11:56:31.0765 0x1698 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:56:31.0765 0x1698 cdrom - ok
11:56:31.0781 0x1698 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
11:56:31.0781 0x1698 CertPropSvc - ok
11:56:31.0796 0x1698 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
11:56:31.0796 0x1698 circlass - ok
11:56:31.0827 0x1698 [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys
11:56:31.0843 0x1698 CLFS - ok
11:56:31.0921 0x1698 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:56:31.0937 0x1698 clr_optimization_v2.0.50727_32 - ok
11:56:31.0999 0x1698 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:56:31.0999 0x1698 clr_optimization_v2.0.50727_64 - ok
11:56:32.0124 0x1698 [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:56:32.0124 0x1698 clr_optimization_v4.0.30319_32 - ok
11:56:32.0155 0x1698 [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:56:32.0155 0x1698 clr_optimization_v4.0.30319_64 - ok
11:56:32.0171 0x1698 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
11:56:32.0171 0x1698 CmBatt - ok
11:56:32.0202 0x1698 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:56:32.0202 0x1698 cmdide - ok
11:56:32.0264 0x1698 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
11:56:32.0264 0x1698 CNG - ok
11:56:32.0280 0x1698 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
11:56:32.0280 0x1698 Compbatt - ok
11:56:32.0295 0x1698 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:56:32.0295 0x1698 CompositeBus - ok
11:56:32.0295 0x1698 COMSysApp - ok
11:56:32.0311 0x1698 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
11:56:32.0311 0x1698 crcdisk - ok
11:56:32.0358 0x1698 [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:56:32.0358 0x1698 CryptSvc - ok
11:56:32.0420 0x1698 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
11:56:32.0436 0x1698 DcomLaunch - ok
11:56:32.0467 0x1698 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
11:56:32.0483 0x1698 defragsvc - ok
11:56:32.0514 0x1698 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:56:32.0529 0x1698 DfsC - ok
11:56:32.0545 0x1698 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
11:56:32.0545 0x1698 Dhcp - ok
11:56:32.0670 0x1698 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
11:56:32.0732 0x1698 DiagTrack - ok
11:56:32.0748 0x1698 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
11:56:32.0763 0x1698 discache - ok
11:56:32.0795 0x1698 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
11:56:32.0810 0x1698 Disk - ok
11:56:32.0857 0x1698 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:56:32.0873 0x1698 Dnscache - ok
11:56:32.0888 0x1698 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
11:56:32.0904 0x1698 dot3svc - ok
11:56:32.0919 0x1698 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
11:56:32.0919 0x1698 DPS - ok
11:56:32.0966 0x1698 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:56:32.0966 0x1698 drmkaud - ok
11:56:33.0060 0x1698 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:56:33.0075 0x1698 DXGKrnl - ok
11:56:33.0122 0x1698 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
11:56:33.0122 0x1698 EapHost - ok
11:56:33.0247 0x1698 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
11:56:33.0387 0x1698 ebdrv - ok
11:56:33.0419 0x1698 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] EFS C:\Windows\System32\lsass.exe
11:56:33.0419 0x1698 EFS - ok
11:56:33.0528 0x1698 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:56:33.0559 0x1698 ehRecvr - ok
11:56:33.0559 0x1698 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
11:56:33.0575 0x1698 ehSched - ok
11:56:33.0590 0x1698 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
11:56:33.0606 0x1698 elxstor - ok
11:56:33.0621 0x1698 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:56:33.0621 0x1698 ErrDev - ok
11:56:33.0684 0x1698 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
11:56:33.0684 0x1698 EventSystem - ok
11:56:33.0699 0x1698 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
11:56:33.0715 0x1698 exfat - ok
11:56:33.0731 0x1698 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:56:33.0731 0x1698 fastfat - ok
11:56:33.0777 0x1698 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
11:56:33.0793 0x1698 Fax - ok
11:56:33.0809 0x1698 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
11:56:33.0809 0x1698 fdc - ok
11:56:33.0840 0x1698 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
11:56:33.0840 0x1698 fdPHost - ok
11:56:33.0840 0x1698 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
11:56:33.0840 0x1698 FDResPub - ok
11:56:33.0871 0x1698 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:56:33.0871 0x1698 FileInfo - ok
11:56:33.0887 0x1698 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:56:33.0887 0x1698 Filetrace - ok
11:56:33.0887 0x1698 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
11:56:33.0887 0x1698 flpydisk - ok
11:56:33.0902 0x1698 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:56:33.0918 0x1698 FltMgr - ok
11:56:33.0980 0x1698 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
11:56:34.0027 0x1698 FontCache - ok
11:56:34.0074 0x1698 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:56:34.0074 0x1698 FontCache3.0.0.0 - ok
11:56:34.0089 0x1698 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:56:34.0105 0x1698 FsDepends - ok
11:56:34.0121 0x1698 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:56:34.0121 0x1698 Fs_Rec - ok
11:56:34.0152 0x1698 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:56:34.0167 0x1698 fvevol - ok
11:56:34.0183 0x1698 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
11:56:34.0183 0x1698 gagp30kx - ok
11:56:34.0245 0x1698 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
11:56:34.0277 0x1698 gpsvc - ok
11:56:34.0386 0x1698 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:56:34.0386 0x1698 gupdate - ok
11:56:34.0401 0x1698 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:56:34.0401 0x1698 gupdatem - ok
11:56:34.0417 0x1698 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:56:34.0433 0x1698 hcw85cir - ok
11:56:34.0495 0x1698 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:56:34.0511 0x1698 HdAudAddService - ok
11:56:34.0526 0x1698 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:56:34.0526 0x1698 HDAudBus - ok
11:56:34.0542 0x1698 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
11:56:34.0542 0x1698 HidBatt - ok
11:56:34.0557 0x1698 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
11:56:34.0557 0x1698 HidBth - ok
11:56:34.0589 0x1698 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
11:56:34.0589 0x1698 HidIr - ok
11:56:34.0620 0x1698 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
11:56:34.0620 0x1698 hidserv - ok
11:56:34.0667 0x1698 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:56:34.0667 0x1698 HidUsb - ok
11:56:34.0682 0x1698 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:56:34.0682 0x1698 hkmsvc - ok
11:56:34.0698 0x1698 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:56:34.0713 0x1698 HomeGroupListener - ok
11:56:34.0760 0x1698 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:56:34.0776 0x1698 HomeGroupProvider - ok
11:56:34.0791 0x1698 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:56:34.0791 0x1698 HpSAMD - ok
11:56:34.0838 0x1698 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:56:34.0854 0x1698 HTTP - ok
11:56:34.0869 0x1698 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:56:34.0869 0x1698 hwpolicy - ok
11:56:34.0885 0x1698 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:56:34.0885 0x1698 i8042prt - ok
11:56:34.0932 0x1698 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:56:34.0947 0x1698 iaStorV - ok
11:56:35.0057 0x1698 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:56:35.0088 0x1698 idsvc - ok
11:56:35.0103 0x1698 IEEtwCollectorService - ok
11:56:35.0135 0x1698 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
11:56:35.0135 0x1698 iirsp - ok
11:56:35.0228 0x1698 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
11:56:35.0275 0x1698 IKEEXT - ok
11:56:35.0431 0x1698 [ F2744FD54BE1580BE05916D1C755C92A, 27FAC146876B6C6EBE0C00CDEC3E01C69DACB2584BEC85DD0FE5B55AD2157452 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:56:35.0509 0x1698 IntcAzAudAddService - ok
11:56:35.0525 0x1698 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
11:56:35.0525 0x1698 intelide - ok
11:56:35.0525 0x1698 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
11:56:35.0525 0x1698 intelppm - ok
11:56:35.0556 0x1698 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:56:35.0556 0x1698 IPBusEnum - ok
11:56:35.0556 0x1698 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:56:35.0556 0x1698 IpFilterDriver - ok
11:56:35.0634 0x1698 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:56:35.0649 0x1698 iphlpsvc - ok
11:56:35.0665 0x1698 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:56:35.0681 0x1698 IPMIDRV - ok
11:56:35.0696 0x1698 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:56:35.0696 0x1698 IPNAT - ok
11:56:35.0712 0x1698 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:56:35.0712 0x1698 IRENUM - ok
11:56:35.0727 0x1698 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:56:35.0743 0x1698 isapnp - ok
11:56:35.0759 0x1698 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:56:35.0759 0x1698 iScsiPrt - ok
11:56:35.0774 0x1698 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:56:35.0774 0x1698 kbdclass - ok
11:56:35.0790 0x1698 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:56:35.0790 0x1698 kbdhid - ok
11:56:35.0805 0x1698 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso C:\Windows\system32\lsass.exe
11:56:35.0805 0x1698 KeyIso - ok
11:56:35.0852 0x1698 [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:56:35.0852 0x1698 KSecDD - ok
11:56:35.0868 0x1698 [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:56:35.0883 0x1698 KSecPkg - ok
11:56:35.0899 0x1698 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:56:35.0899 0x1698 ksthunk - ok
11:56:35.0930 0x1698 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
11:56:35.0930 0x1698 KtmRm - ok
11:56:36.0008 0x1698 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:56:36.0039 0x1698 LanmanServer - ok
11:56:36.0055 0x1698 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:56:36.0055 0x1698 LanmanWorkstation - ok
11:56:36.0086 0x1698 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:56:36.0086 0x1698 lltdio - ok
11:56:36.0117 0x1698 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:56:36.0117 0x1698 lltdsvc - ok
11:56:36.0149 0x1698 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:56:36.0149 0x1698 lmhosts - ok
11:56:36.0164 0x1698 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
11:56:36.0180 0x1698 LSI_FC - ok
11:56:36.0195 0x1698 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
11:56:36.0195 0x1698 LSI_SAS - ok
11:56:36.0211 0x1698 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
11:56:36.0211 0x1698 LSI_SAS2 - ok
11:56:36.0227 0x1698 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
11:56:36.0227 0x1698 LSI_SCSI - ok
11:56:36.0242 0x1698 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
11:56:36.0242 0x1698 luafv - ok
11:56:36.0289 0x1698 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:56:36.0289 0x1698 MBAMProtector - ok
11:56:36.0398 0x1698 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
11:56:36.0445 0x1698 MBAMScheduler - ok
11:56:36.0492 0x1698 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
11:56:36.0523 0x1698 MBAMService - ok
11:56:36.0585 0x1698 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:56:36.0601 0x1698 MBAMSwissArmy - ok
11:56:36.0617 0x1698 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:56:36.0617 0x1698 MBAMWebAccessControl - ok
11:56:36.0757 0x1698 [ 429E9838454921D860277C4F164ED2B4, B45F9A9035DEB22AB3FC958278539647561B364FF8F9F2F12C590866927B6EB8 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe
11:56:36.0773 0x1698 McComponentHostService - ok
11:56:36.0804 0x1698 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:56:36.0819 0x1698 Mcx2Svc - ok
11:56:36.0851 0x1698 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
11:56:36.0851 0x1698 megasas - ok
11:56:36.0897 0x1698 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
11:56:36.0897 0x1698 MegaSR - ok
11:56:36.0929 0x1698 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
11:56:36.0944 0x1698 MMCSS - ok
11:56:36.0960 0x1698 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
11:56:36.0975 0x1698 Modem - ok
11:56:36.0975 0x1698 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:56:36.0975 0x1698 monitor - ok
11:56:36.0991 0x1698 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:56:37.0007 0x1698 mouclass - ok
11:56:37.0022 0x1698 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:56:37.0022 0x1698 mouhid - ok
11:56:37.0053 0x1698 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:56:37.0069 0x1698 mountmgr - ok
11:56:37.0116 0x1698 [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:56:37.0131 0x1698 MozillaMaintenance - ok
11:56:37.0147 0x1698 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
11:56:37.0147 0x1698 mpio - ok
11:56:37.0163 0x1698 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:56:37.0163 0x1698 mpsdrv - ok
11:56:37.0194 0x1698 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:56:37.0209 0x1698 MpsSvc - ok
11:56:37.0272 0x1698 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:56:37.0272 0x1698 MRxDAV - ok
11:56:37.0319 0x1698 [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:56:37.0334 0x1698 mrxsmb - ok
11:56:37.0397 0x1698 [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:56:37.0412 0x1698 mrxsmb10 - ok
11:56:37.0459 0x1698 [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:56:37.0475 0x1698 mrxsmb20 - ok
11:56:37.0506 0x1698 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
11:56:37.0506 0x1698 msahci - ok
11:56:37.0537 0x1698 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:56:37.0537 0x1698 msdsm - ok
11:56:37.0568 0x1698 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
11:56:37.0568 0x1698 MSDTC - ok
11:56:37.0584 0x1698 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:56:37.0584 0x1698 Msfs - ok
11:56:37.0599 0x1698 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:56:37.0599 0x1698 mshidkmdf - ok
11:56:37.0615 0x1698 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:56:37.0615 0x1698 msisadrv - ok
11:56:37.0631 0x1698 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:56:37.0646 0x1698 MSiSCSI - ok
11:56:37.0646 0x1698 msiserver - ok
11:56:37.0662 0x1698 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:56:37.0662 0x1698 MSKSSRV - ok
11:56:37.0677 0x1698 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:56:37.0677 0x1698 MSPCLOCK - ok
11:56:37.0709 0x1698 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:56:37.0709 0x1698 MSPQM - ok
11:56:37.0724 0x1698 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:56:37.0740 0x1698 MsRPC - ok
11:56:37.0755 0x1698 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:56:37.0771 0x1698 mssmbios - ok
11:56:37.0771 0x1698 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:56:37.0771 0x1698 MSTEE - ok
11:56:37.0787 0x1698 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
11:56:37.0787 0x1698 MTConfig - ok
11:56:37.0802 0x1698 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
11:56:37.0802 0x1698 Mup - ok
11:56:37.0865 0x1698 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
11:56:37.0896 0x1698 napagent - ok
11:56:37.0927 0x1698 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:56:37.0927 0x1698 NativeWifiP - ok
11:56:38.0036 0x1698 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:56:38.0067 0x1698 NDIS - ok
11:56:38.0083 0x1698 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:56:38.0083 0x1698 NdisCap - ok
11:56:38.0099 0x1698 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:56:38.0099 0x1698 NdisTapi - ok
11:56:38.0114 0x1698 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:56:38.0130 0x1698 Ndisuio - ok
11:56:38.0130 0x1698 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:56:38.0145 0x1698 NdisWan - ok
11:56:38.0161 0x1698 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:56:38.0161 0x1698 NDProxy - ok
11:56:38.0177 0x1698 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:56:38.0177 0x1698 NetBIOS - ok
11:56:38.0208 0x1698 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:56:38.0223 0x1698 NetBT - ok
11:56:38.0223 0x1698 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon C:\Windows\system32\lsass.exe
11:56:38.0239 0x1698 Netlogon - ok
11:56:38.0255 0x1698 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
11:56:38.0255 0x1698 Netman - ok
11:56:38.0317 0x1698 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:38.0333 0x1698 NetMsmqActivator - ok
11:56:38.0348 0x1698 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:38.0364 0x1698 NetPipeActivator - ok
11:56:38.0379 0x1698 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
11:56:38.0395 0x1698 netprofm - ok
11:56:38.0411 0x1698 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:38.0411 0x1698 NetTcpActivator - ok
11:56:38.0411 0x1698 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:38.0426 0x1698 NetTcpPortSharing - ok
11:56:38.0426 0x1698 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
11:56:38.0442 0x1698 nfrd960 - ok
11:56:38.0489 0x1698 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
11:56:38.0504 0x1698 NlaSvc - ok
11:56:38.0520 0x1698 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:56:38.0520 0x1698 Npfs - ok
11:56:38.0520 0x1698 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
11:56:38.0520 0x1698 nsi - ok
11:56:38.0535 0x1698 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:56:38.0551 0x1698 nsiproxy - ok
11:56:38.0660 0x1698 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:56:38.0754 0x1698 Ntfs - ok
11:56:38.0769 0x1698 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
11:56:38.0769 0x1698 Null - ok
11:56:38.0801 0x1698 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:56:38.0816 0x1698 nvraid - ok
11:56:38.0847 0x1698 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:56:38.0847 0x1698 nvstor - ok
11:56:38.0879 0x1698 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:56:38.0879 0x1698 nv_agp - ok
11:56:38.0910 0x1698 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:56:38.0910 0x1698 ohci1394 - ok
11:56:38.0988 0x1698 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:56:38.0988 0x1698 ose - ok
11:56:39.0222 0x1698 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:56:39.0315 0x1698 osppsvc - ok
11:56:39.0362 0x1698 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:56:39.0378 0x1698 p2pimsvc - ok
11:56:39.0425 0x1698 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
11:56:39.0425 0x1698 p2psvc - ok
11:56:39.0440 0x1698 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
11:56:39.0440 0x1698 Parport - ok
11:56:39.0487 0x1698 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:56:39.0487 0x1698 partmgr - ok
11:56:39.0534 0x1698 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
11:56:39.0549 0x1698 PcaSvc - ok
11:56:39.0581 0x1698 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
11:56:39.0581 0x1698 pci - ok
11:56:39.0596 0x1698 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
11:56:39.0596 0x1698 pciide - ok
11:56:39.0612 0x1698 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
11:56:39.0612 0x1698 pcmcia - ok
11:56:39.0627 0x1698 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
11:56:39.0627 0x1698 pcw - ok
11:56:39.0659 0x1698 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:56:39.0674 0x1698 PEAUTH - ok
11:56:39.0752 0x1698 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:56:39.0768 0x1698 PerfHost - ok
11:56:39.0846 0x1698 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
11:56:39.0893 0x1698 pla - ok
11:56:39.0971 0x1698 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:56:39.0986 0x1698 PlugPlay - ok
11:56:40.0002 0x1698 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:56:40.0002 0x1698 PNRPAutoReg - ok
11:56:40.0017 0x1698 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:56:40.0033 0x1698 PNRPsvc - ok
11:56:40.0080 0x1698 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:56:40.0095 0x1698 PolicyAgent - ok
11:56:40.0111 0x1698 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
11:56:40.0111 0x1698 Power - ok
11:56:40.0142 0x1698 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:56:40.0142 0x1698 PptpMiniport - ok
11:56:40.0158 0x1698 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
11:56:40.0158 0x1698 Processor - ok
11:56:40.0205 0x1698 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
11:56:40.0205 0x1698 ProfSvc - ok
11:56:40.0236 0x1698 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:56:40.0236 0x1698 ProtectedStorage - ok
11:56:40.0251 0x1698 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:56:40.0251 0x1698 Psched - ok
11:56:40.0298 0x1698 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:56:40.0345 0x1698 ql2300 - ok
11:56:40.0345 0x1698 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:56:40.0361 0x1698 ql40xx - ok
11:56:40.0376 0x1698 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
11:56:40.0376 0x1698 QWAVE - ok
11:56:40.0392 0x1698 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:56:40.0392 0x1698 QWAVEdrv - ok
11:56:40.0501 0x1698 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
11:56:40.0517 0x1698 RapiMgr - ok
11:56:40.0548 0x1698 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:56:40.0548 0x1698 RasAcd - ok
11:56:40.0595 0x1698 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:56:40.0610 0x1698 RasAgileVpn - ok
11:56:40.0626 0x1698 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
11:56:40.0641 0x1698 RasAuto - ok
11:56:40.0673 0x1698 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:56:40.0688 0x1698 Rasl2tp - ok
11:56:40.0719 0x1698 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
11:56:40.0719 0x1698 RasMan - ok
11:56:40.0751 0x1698 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:56:40.0751 0x1698 RasPppoe - ok
11:56:40.0766 0x1698 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:56:40.0766 0x1698 RasSstp - ok
11:56:40.0782 0x1698 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:56:40.0797 0x1698 rdbss - ok
11:56:40.0797 0x1698 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:56:40.0813 0x1698 rdpbus - ok
11:56:40.0829 0x1698 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:56:40.0829 0x1698 RDPCDD - ok
11:56:40.0844 0x1698 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:56:40.0860 0x1698 RDPENCDD - ok
11:56:40.0891 0x1698 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:56:40.0891 0x1698 RDPREFMP - ok
11:56:40.0985 0x1698 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:56:41.0000 0x1698 RdpVideoMiniport - ok
11:56:41.0063 0x1698 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:56:41.0078 0x1698 RDPWD - ok
11:56:41.0094 0x1698 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:56:41.0109 0x1698 rdyboost - ok
11:56:41.0141 0x1698 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:56:41.0141 0x1698 RemoteAccess - ok
11:56:41.0172 0x1698 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:56:41.0172 0x1698 RemoteRegistry - ok
11:56:41.0187 0x1698 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:56:41.0187 0x1698 RpcEptMapper - ok
11:56:41.0203 0x1698 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
11:56:41.0203 0x1698 RpcLocator - ok
11:56:41.0265 0x1698 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
11:56:41.0281 0x1698 RpcSs - ok
11:56:41.0297 0x1698 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:56:41.0297 0x1698 rspndr - ok
11:56:41.0343 0x1698 [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:56:41.0359 0x1698 RTL8167 - ok
11:56:41.0375 0x1698 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] SamSs C:\Windows\system32\lsass.exe
11:56:41.0375 0x1698 SamSs - ok
11:56:41.0390 0x1698 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:56:41.0390 0x1698 sbp2port - ok
11:56:41.0421 0x1698 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:56:41.0437 0x1698 SCardSvr - ok
11:56:41.0453 0x1698 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:56:41.0453 0x1698 scfilter - ok
11:56:41.0499 0x1698 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
11:56:41.0546 0x1698 Schedule - ok
11:56:41.0577 0x1698 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:56:41.0577 0x1698 SCPolicySvc - ok
11:56:41.0593 0x1698 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:56:41.0609 0x1698 SDRSVC - ok
11:56:41.0624 0x1698 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:56:41.0624 0x1698 secdrv - ok
11:56:41.0655 0x1698 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
11:56:41.0655 0x1698 seclogon - ok
11:56:41.0671 0x1698 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
11:56:41.0671 0x1698 SENS - ok
11:56:41.0687 0x1698 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:56:41.0687 0x1698 SensrSvc - ok
11:56:41.0702 0x1698 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
11:56:41.0702 0x1698 Serenum - ok
11:56:41.0702 0x1698 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
11:56:41.0718 0x1698 Serial - ok
11:56:41.0718 0x1698 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:56:41.0718 0x1698 sermouse - ok
11:56:41.0749 0x1698 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
11:56:41.0749 0x1698 SessionEnv - ok
11:56:41.0749 0x1698 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:56:41.0749 0x1698 sffdisk - ok
11:56:41.0765 0x1698 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:56:41.0765 0x1698 sffp_mmc - ok
11:56:41.0780 0x1698 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:56:41.0780 0x1698 sffp_sd - ok
11:56:41.0780 0x1698 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:56:41.0780 0x1698 sfloppy - ok
11:56:41.0811 0x1698 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:56:41.0811 0x1698 SharedAccess - ok
11:56:41.0843 0x1698 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:56:41.0843 0x1698 ShellHWDetection - ok
11:56:41.0858 0x1698 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:56:41.0858 0x1698 SiSRaid2 - ok
11:56:41.0858 0x1698 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:56:41.0858 0x1698 SiSRaid4 - ok
11:56:41.0874 0x1698 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:56:41.0874 0x1698 Smb - ok
11:56:41.0905 0x1698 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:56:41.0905 0x1698 SNMPTRAP - ok
11:56:42.0014 0x1698 [ 97F08F8E5CB913E3DF467A35767866B6, F75C1D157D7AF5C2B691D8495D38C5A65944C93F5D4A3EA9813B07E4AF3E3E68 ] SpeedupService C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
11:56:42.0014 0x1698 SpeedupService - ok
11:56:42.0030 0x1698 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
11:56:42.0045 0x1698 spldr - ok
11:56:42.0123 0x1698 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
11:56:42.0155 0x1698 Spooler - ok
11:56:42.0295 0x1698 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
11:56:42.0404 0x1698 sppsvc - ok
11:56:42.0435 0x1698 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:56:42.0435 0x1698 sppuinotify - ok
11:56:42.0498 0x1698 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:56:42.0498 0x1698 srv - ok
11:56:42.0529 0x1698 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:56:42.0529 0x1698 srv2 - ok
11:56:42.0545 0x1698 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:56:42.0560 0x1698 srvnet - ok
11:56:42.0576 0x1698 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:56:42.0576 0x1698 SSDPSRV - ok
11:56:42.0591 0x1698 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:56:42.0591 0x1698 SstpSvc - ok
11:56:42.0623 0x1698 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:56:42.0623 0x1698 stexstor - ok
11:56:42.0669 0x1698 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
11:56:42.0685 0x1698 stisvc - ok
11:56:42.0716 0x1698 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:56:42.0716 0x1698 swenum - ok
11:56:42.0747 0x1698 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
11:56:42.0747 0x1698 swprv - ok
11:56:42.0841 0x1698 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
11:56:42.0888 0x1698 SysMain - ok
11:56:42.0903 0x1698 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:56:42.0919 0x1698 TabletInputService - ok
11:56:42.0935 0x1698 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
11:56:42.0935 0x1698 TapiSrv - ok
11:56:43.0044 0x1698 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:56:43.0091 0x1698 Tcpip - ok
11:56:43.0169 0x1698 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:56:43.0200 0x1698 TCPIP6 - ok
11:56:43.0215 0x1698 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:56:43.0231 0x1698 tcpipreg - ok
11:56:43.0231 0x1698 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:56:43.0231 0x1698 TDPIPE - ok
11:56:43.0278 0x1698 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:56:43.0278 0x1698 TDTCP - ok
11:56:43.0325 0x1698 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:56:43.0340 0x1698 tdx - ok
11:56:43.0356 0x1698 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:56:43.0356 0x1698 TermDD - ok
11:56:43.0418 0x1698 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
11:56:43.0434 0x1698 TermService - ok
11:56:43.0449 0x1698 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
11:56:43.0449 0x1698 Themes - ok
11:56:43.0481 0x1698 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
11:56:43.0496 0x1698 THREADORDER - ok
11:56:43.0527 0x1698 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
11:56:43.0543 0x1698 TrkWks - ok
11:56:43.0637 0x1698 [ 6D8B6AFF929CFEBD77EE8CC1D03857A7, D40B630A31BBAE97EFA09E6DC59C1C20B0563CF1E38BE207BB577705B5A09159 ] TrueKey C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
11:56:43.0683 0x1698 TrueKey - ok
11:56:43.0730 0x1698 [ 050BDF54D8D89C14971FA7A928A8C781, B05FA95082FE1AD0DA8613C01E9AACD18005104353E1584519754DB1D2F2323D ] TrueKeyScheduler C:\Program Files\TrueKey\McTkSchedulerService.exe
11:56:43.0730 0x1698 TrueKeyScheduler - ok
11:56:43.0746 0x1698 [ A954D5B1BC55BCA1308CA001C08DCB8F, F5BC1FD813B9D276DD61C3AEAFD76D07405F70AA6691A340B70D53E1D2F9753A ] TrueKeyServiceHelper C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
11:56:43.0761 0x1698 TrueKeyServiceHelper - ok
11:56:43.0808 0x1698 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:56:43.0824 0x1698 TrustedInstaller - ok
11:56:43.0871 0x1698 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:56:43.0871 0x1698 tssecsrv - ok
11:56:43.0933 0x1698 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:56:43.0933 0x1698 TsUsbFlt - ok
11:56:43.0964 0x1698 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:56:43.0980 0x1698 TsUsbGD - ok
11:56:44.0214 0x1698 [ 2F09E7B063C0DB79A8CA4EDB66429F6B, D3525F064D796544F7EAF9D5C37EDF33E08A19A7C13E2ABD4FD7119CF0C8E5E4 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
11:56:44.0385 0x1698 TuneUp.UtilitiesSvc - ok
11:56:44.0432 0x1698 [ 9B5C98C9F9EF5E62806DCD58B0D8EACE, B4B8A3F943C2C401CA1ED05BDA0C6D631106B258FB40C433AC856DCA7E8D7F7A ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
11:56:44.0432 0x1698 TuneUpUtilitiesDrv - ok
11:56:44.0463 0x1698 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:56:44.0463 0x1698 tunnel - ok
11:56:44.0495 0x1698 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:56:44.0495 0x1698 uagp35 - ok
11:56:44.0495 0x1698 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:56:44.0510 0x1698 udfs - ok
11:56:44.0541 0x1698 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:56:44.0557 0x1698 UI0Detect - ok
11:56:44.0557 0x1698 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:56:44.0573 0x1698 uliagpkx - ok
11:56:44.0588 0x1698 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:56:44.0588 0x1698 umbus - ok
11:56:44.0604 0x1698 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
11:56:44.0604 0x1698 UmPass - ok
11:56:44.0619 0x1698 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
11:56:44.0619 0x1698 upnphost - ok
11:56:44.0666 0x1698 [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
11:56:44.0666 0x1698 usbccgp - ok
11:56:44.0697 0x1698 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:56:44.0713 0x1698 usbcir - ok
11:56:44.0744 0x1698 [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:56:44.0744 0x1698 usbehci - ok
11:56:44.0807 0x1698 [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys
11:56:44.0822 0x1698 usbhub - ok
11:56:44.0869 0x1698 [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:56:44.0869 0x1698 usbohci - ok
11:56:44.0885 0x1698 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:56:44.0900 0x1698 usbprint - ok
11:56:44.0931 0x1698 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:56:44.0931 0x1698 usbscan - ok
11:56:44.0994 0x1698 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:56:44.0994 0x1698 USBSTOR - ok
11:56:45.0041 0x1698 [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:56:45.0041 0x1698 usbuhci - ok
11:56:45.0061 0x1698 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
11:56:45.0064 0x1698 UxSms - ok
11:56:45.0126 0x1698 [ D4070827C8EE4039FD65532CED62C0B0, 03270B9F74F48C92F1DFA15BD9F451CD19AE78D390717E2C2B8B0A2810454916 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
11:56:45.0126 0x1698 UxTuneUp - ok
11:56:45.0146 0x1698 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] VaultSvc C:\Windows\system32\lsass.exe
11:56:45.0146 0x1698 VaultSvc - ok
11:56:45.0166 0x1698 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:56:45.0166 0x1698 vdrvroot - ok
11:56:45.0186 0x1698 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
11:56:45.0206 0x1698 vds - ok
11:56:45.0216 0x1698 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:56:45.0216 0x1698 vga - ok
11:56:45.0236 0x1698 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:56:45.0236 0x1698 VgaSave - ok
11:56:45.0276 0x1698 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:56:45.0276 0x1698 vhdmp - ok
11:56:45.0286 0x1698 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
11:56:45.0286 0x1698 viaide - ok
11:56:45.0316 0x1698 VideoAcceleratorService - ok
11:56:45.0326 0x1698 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:56:45.0336 0x1698 volmgr - ok
11:56:45.0376 0x1698 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:56:45.0386 0x1698 volmgrx - ok
11:56:45.0436 0x1698 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:56:45.0436 0x1698 volsnap - ok
11:56:45.0456 0x1698 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:56:45.0466 0x1698 vsmraid - ok
11:56:45.0586 0x1698 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
11:56:45.0636 0x1698 VSS - ok
11:56:45.0656 0x1698 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:56:45.0666 0x1698 vwifibus - ok
11:56:45.0676 0x1698 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
11:56:45.0692 0x1698 W32Time - ok
11:56:45.0739 0x1698 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:56:45.0739 0x1698 WacomPen - ok
11:56:45.0754 0x1698 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:56:45.0770 0x1698 WANARP - ok
11:56:45.0770 0x1698 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:56:45.0770 0x1698 Wanarpv6 - ok
11:56:45.0832 0x1698 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
11:56:45.0879 0x1698 wbengine - ok
11:56:45.0895 0x1698 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:56:45.0895 0x1698 WbioSrvc - ok
11:56:45.0973 0x1698 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
11:56:45.0988 0x1698 WcesComm - ok
11:56:46.0004 0x1698 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:56:46.0019 0x1698 wcncsvc - ok
11:56:46.0019 0x1698 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:56:46.0019 0x1698 WcsPlugInService - ok
11:56:46.0035 0x1698 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
11:56:46.0035 0x1698 Wd - ok
11:56:46.0129 0x1698 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:56:46.0160 0x1698 Wdf01000 - ok
11:56:46.0207 0x1698 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:56:46.0207 0x1698 WdiServiceHost - ok
11:56:46.0207 0x1698 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:56:46.0222 0x1698 WdiSystemHost - ok
11:56:46.0269 0x1698 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
11:56:46.0300 0x1698 WebClient - ok
11:56:46.0409 0x1698 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:56:46.0425 0x1698 Wecsvc - ok
11:56:46.0456 0x1698 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:56:46.0456 0x1698 wercplsupport - ok
11:56:46.0472 0x1698 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
11:56:46.0472 0x1698 WerSvc - ok
11:56:46.0487 0x1698 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:56:46.0487 0x1698 WfpLwf - ok
11:56:46.0503 0x1698 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:56:46.0503 0x1698 WIMMount - ok
11:56:46.0534 0x1698 WinDefend - ok
11:56:46.0550 0x1698 WinHttpAutoProxySvc - ok
11:56:46.0643 0x1698 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:56:46.0659 0x1698 Winmgmt - ok
11:56:46.0799 0x1698 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
11:56:46.0893 0x1698 WinRM - ok
11:56:46.0971 0x1698 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WINUSB C:\Windows\system32\DRIVERS\WinUSB.SYS
11:56:46.0971 0x1698 WINUSB - ok
11:56:47.0049 0x1698 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:56:47.0080 0x1698 Wlansvc - ok
11:56:47.0096 0x1698 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:56:47.0096 0x1698 WmiAcpi - ok
11:56:47.0111 0x1698 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:56:47.0111 0x1698 wmiApSrv - ok
11:56:47.0127 0x1698 WMPNetworkSvc - ok
11:56:47.0127 0x1698 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:56:47.0143 0x1698 WPCSvc - ok
11:56:47.0158 0x1698 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:56:47.0158 0x1698 WPDBusEnum - ok
11:56:47.0174 0x1698 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:56:47.0174 0x1698 ws2ifsl - ok
11:56:47.0189 0x1698 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
11:56:47.0189 0x1698 wscsvc - ok
11:56:47.0189 0x1698 WSearch - ok
11:56:47.0330 0x1698 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
11:56:47.0408 0x1698 wuauserv - ok
11:56:47.0439 0x1698 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:56:47.0439 0x1698 WudfPf - ok
11:56:47.0455 0x1698 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:56:47.0470 0x1698 WUDFRd - ok
11:56:47.0470 0x1698 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:56:47.0486 0x1698 wudfsvc - ok
11:56:47.0517 0x1698 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
11:56:47.0533 0x1698 WwanSvc - ok
11:56:47.0548 0x1698 ================ Scan global ===============================
11:56:47.0579 0x1698 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
11:56:47.0611 0x1698 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:56:47.0642 0x1698 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:56:47.0689 0x1698 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:56:47.0735 0x1698 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:56:47.0767 0x1698 [ Global ] - ok
11:56:47.0767 0x1698 ================ Scan MBR ==================================
11:56:47.0782 0x1698 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:56:48.0079 0x1698 \Device\Harddisk0\DR0 - ok
11:56:48.0110 0x1698 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:56:48.0110 0x1698 \Device\Harddisk1\DR1 - ok
11:56:48.0110 0x1698 ================ Scan VBR ==================================
11:56:48.0125 0x1698 [ F6E7A47FFCD6127538C5F49E09D7824B ] \Device\Harddisk0\DR0\Partition1
11:56:48.0125 0x1698 \Device\Harddisk0\DR0\Partition1 - ok
11:56:48.0125 0x1698 [ 463D0D2A22BFCBA0CF91A5E133E380C5 ] \Device\Harddisk0\DR0\Partition2
11:56:48.0125 0x1698 \Device\Harddisk0\DR0\Partition2 - ok
11:56:48.0125 0x1698 [ 92850CECA0DEE3995D3D02D544E918DA ] \Device\Harddisk1\DR1\Partition1
11:56:48.0141 0x1698 \Device\Harddisk1\DR1\Partition1 - ok
11:56:48.0141 0x1698 ================ Scan generic autorun ======================
11:56:48.0203 0x1698 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
11:56:48.0219 0x1698 Windows Mobile Device Center - ok
11:56:48.0375 0x1698 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:56:48.0422 0x1698 Sidebar - ok
11:56:48.0469 0x1698 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:56:48.0484 0x1698 mctadmin - ok
11:56:48.0547 0x1698 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:56:48.0578 0x1698 Sidebar - ok
11:56:48.0687 0x1698 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:56:48.0703 0x1698 mctadmin - ok
11:56:48.0796 0x1698 [ 23345F9256FFB4C68A75F2127DD6C21D, 97B029E75C2C4774C0893FB4D274A6F6CE28719842E4842FE3ABA445B5769916 ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
11:56:48.0812 0x1698 Firefox - ok
11:56:48.0983 0x1698 Win FW state via NFP2: enabled ( trusted )
11:56:48.0983 0x1698 ============================================================
11:56:48.0983 0x1698 Scan finished
11:56:48.0983 0x1698 ============================================================
11:56:48.0999 0x109c Detected object count: 0
11:56:48.0999 0x109c Actual detected object count: 0
|
|
29.12.2016, 12:06
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Eset findet 6 TrojanerZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.12.2016, 12:23
| #11 |
| | Windows 7: Eset findet 6 TrojanerCode:
ATTFilter 12:08:57.0068 0x126c TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
12:09:25.0195 0x126c ============================================================
12:09:25.0195 0x126c Current date / time: 2016/12/29 12:09:25.0195
12:09:25.0195 0x126c SystemInfo:
12:09:25.0195 0x126c
12:09:25.0210 0x126c OS Version: 6.1.7601 ServicePack: 1.0
12:09:25.0210 0x126c Product type: Workstation
12:09:25.0210 0x126c ComputerName: PC-PC
12:09:25.0210 0x126c UserName: PC
12:09:25.0210 0x126c Windows directory: C:\Windows
12:09:25.0210 0x126c System windows directory: C:\Windows
12:09:25.0210 0x126c Running under WOW64
12:09:25.0210 0x126c Processor architecture: Intel x64
12:09:25.0210 0x126c Number of processors: 2
12:09:25.0210 0x126c Page size: 0x1000
12:09:25.0210 0x126c Boot type: Normal boot
12:09:25.0210 0x126c CodeIntegrityOptions = 0x00000001
12:09:25.0210 0x126c ============================================================
12:09:27.0223 0x126c KLMD registered as C:\Windows\system32\drivers\14141630.sys
12:09:27.0223 0x126c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
12:09:27.0457 0x126c System UUID: {77787518-603C-CF7E-04A7-C99401041361}
12:09:27.0971 0x126c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:09:27.0987 0x126c Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:09:28.0018 0x126c ============================================================
12:09:28.0018 0x126c \Device\Harddisk0\DR0:
12:09:28.0018 0x126c MBR partitions:
12:09:28.0018 0x126c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A6E6000
12:09:28.0018 0x126c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A6E6800, BlocksNum 0x38224800
12:09:28.0018 0x126c \Device\Harddisk1\DR1:
12:09:28.0018 0x126c MBR partitions:
12:09:28.0018 0x126c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
12:09:28.0018 0x126c ============================================================
12:09:28.0034 0x126c C: <-> \Device\Harddisk0\DR0\Partition1
12:09:28.0065 0x126c D: <-> \Device\Harddisk0\DR0\Partition2
12:09:28.0081 0x126c J: <-> \Device\Harddisk1\DR1\Partition1
12:09:28.0081 0x126c ============================================================
12:09:28.0081 0x126c Initialize success
12:09:28.0081 0x126c ============================================================
12:18:15.0689 0x13c4 ============================================================
12:18:15.0689 0x13c4 Scan started
12:18:15.0705 0x13c4 Mode: Manual; SigCheck; TDLFS;
12:18:15.0705 0x13c4 ============================================================
12:18:15.0705 0x13c4 KSN ping started
12:18:15.0720 0x13c4 KSN ping finished: false
12:18:16.0391 0x13c4 ================ Scan system memory ========================
12:18:16.0391 0x13c4 System memory - ok
12:18:16.0391 0x13c4 ================ Scan services =============================
12:18:16.0563 0x13c4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
12:18:16.0750 0x13c4 1394ohci - ok
12:18:16.0781 0x13c4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:18:16.0797 0x13c4 ACPI - ok
12:18:16.0812 0x13c4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:18:16.0875 0x13c4 AcpiPmi - ok
12:18:16.0984 0x13c4 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:18:17.0015 0x13c4 AdobeARMservice - ok
12:18:17.0140 0x13c4 [ B79750091FC0842182FE49D263791294, 32FC260A74C9C45CD1E8998523642C285866378FCD9478FEFD15A0CC42EC0E0B ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:18:17.0171 0x13c4 AdobeFlashPlayerUpdateSvc - ok
12:18:17.0187 0x13c4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:18:17.0218 0x13c4 adp94xx - ok
12:18:17.0233 0x13c4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:18:17.0249 0x13c4 adpahci - ok
12:18:17.0249 0x13c4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:18:17.0265 0x13c4 adpu320 - ok
12:18:17.0311 0x13c4 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:18:17.0327 0x13c4 AeLookupSvc - ok
12:18:17.0374 0x13c4 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
12:18:17.0436 0x13c4 AFD - ok
12:18:17.0452 0x13c4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:18:17.0467 0x13c4 agp440 - ok
12:18:17.0514 0x13c4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:18:17.0608 0x13c4 ALG - ok
12:18:17.0639 0x13c4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:18:17.0670 0x13c4 aliide - ok
12:18:17.0733 0x13c4 [ 5EC60409BD50953BD4F892B18840039E, E02B6646E4A6A965DF9FB0A226487733F16D68EB88AE7D263A40067279190A9D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:18:17.0779 0x13c4 AMD External Events Utility - ok
12:18:17.0873 0x13c4 AMD FUEL Service - ok
12:18:17.0920 0x13c4 [ 30BFEEE0DFFD5BD79D29157CF080DEED, D3176AA5CFD43CAE7180E9E51A2C76DC2AC02897CA730391A54F647D263ED4E0 ] amdhub30 C:\Windows\system32\DRIVERS\amdhub30.sys
12:18:17.0998 0x13c4 amdhub30 - ok
12:18:18.0029 0x13c4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:18:18.0045 0x13c4 amdide - ok
12:18:18.0060 0x13c4 [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
12:18:18.0076 0x13c4 amdiox64 - ok
12:18:18.0091 0x13c4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:18:18.0107 0x13c4 AmdK8 - ok
12:18:18.0450 0x13c4 [ 322E5C178990F116F00E3D923F4E6B1C, 1D39F9C371C7988299D7183C31641971E0398191287D72CE87ECC38398890B50 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:18:18.0715 0x13c4 amdkmdag - ok
12:18:18.0762 0x13c4 [ 961A81A84FDD700E361E8294528A37BA, B0F1F6479EE607C4BEEF624375BF01F766EBAD3403E503714848DD5546A2DF64 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:18:18.0778 0x13c4 amdkmdap - ok
12:18:18.0809 0x13c4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:18:18.0825 0x13c4 AmdPPM - ok
12:18:18.0903 0x13c4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:18:18.0918 0x13c4 amdsata - ok
12:18:18.0934 0x13c4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:18:18.0949 0x13c4 amdsbs - ok
12:18:18.0965 0x13c4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:18:18.0981 0x13c4 amdxata - ok
12:18:19.0027 0x13c4 [ 321533578132C811EC834A1B741C994C, 82B62C52018655B8A596E1E503CB31F0FA581780425A9FF44BE1248C0F3D4B3E ] amdxhc C:\Windows\system32\DRIVERS\amdxhc.sys
12:18:19.0043 0x13c4 amdxhc - ok
12:18:19.0074 0x13c4 [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID C:\Windows\system32\drivers\appid.sys
12:18:19.0152 0x13c4 AppID - ok
12:18:19.0168 0x13c4 [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:18:19.0199 0x13c4 AppIDSvc - ok
12:18:19.0215 0x13c4 [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll
12:18:19.0261 0x13c4 Appinfo - ok
12:18:19.0261 0x13c4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:18:19.0277 0x13c4 arc - ok
12:18:19.0293 0x13c4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:18:19.0293 0x13c4 arcsas - ok
12:18:19.0449 0x13c4 [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:18:19.0480 0x13c4 aspnet_state - ok
12:18:19.0511 0x13c4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:18:19.0636 0x13c4 AsyncMac - ok
12:18:19.0667 0x13c4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:18:19.0667 0x13c4 atapi - ok
12:18:19.0761 0x13c4 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:18:19.0807 0x13c4 AudioEndpointBuilder - ok
12:18:19.0839 0x13c4 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:18:19.0854 0x13c4 AudioSrv - ok
12:18:19.0995 0x13c4 [ 77886F050DE9D0296B4BA7D7AD13A0BA, 132DADE478A11207984AF96A7049C872AFB02E46A5B4149050D3BC1A96F995ED ] avgsvc C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
12:18:20.0041 0x13c4 avgsvc - ok
12:18:20.0166 0x13c4 [ 14FCA1D1720A68C2D586940ABBE2DB3C, 274DB01CFD3024357602748FE36882ACE6BB3764A9FB62B2B40F9232B84A9B3E ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:18:20.0213 0x13c4 Avira.ServiceHost - ok
12:18:20.0275 0x13c4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:18:20.0369 0x13c4 AxInstSV - ok
12:18:20.0447 0x13c4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:18:20.0541 0x13c4 b06bdrv - ok
12:18:20.0603 0x13c4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:18:20.0650 0x13c4 b57nd60a - ok
12:18:20.0681 0x13c4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:18:20.0728 0x13c4 BDESVC - ok
12:18:20.0743 0x13c4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:18:20.0806 0x13c4 Beep - ok
12:18:20.0884 0x13c4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:18:20.0931 0x13c4 BFE - ok
12:18:20.0993 0x13c4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:18:21.0102 0x13c4 BITS - ok
12:18:21.0133 0x13c4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:18:21.0180 0x13c4 blbdrive - ok
12:18:21.0211 0x13c4 [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:18:21.0274 0x13c4 bowser - ok
12:18:21.0289 0x13c4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:18:21.0305 0x13c4 BrFiltLo - ok
12:18:21.0321 0x13c4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:18:21.0352 0x13c4 BrFiltUp - ok
12:18:21.0383 0x13c4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:18:21.0414 0x13c4 Browser - ok
12:18:21.0430 0x13c4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:18:21.0461 0x13c4 Brserid - ok
12:18:21.0477 0x13c4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:18:21.0492 0x13c4 BrSerWdm - ok
12:18:21.0508 0x13c4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:18:21.0539 0x13c4 BrUsbMdm - ok
12:18:21.0555 0x13c4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:18:21.0570 0x13c4 BrUsbSer - ok
12:18:21.0570 0x13c4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:18:21.0601 0x13c4 BTHMODEM - ok
12:18:21.0648 0x13c4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:18:21.0679 0x13c4 bthserv - ok
12:18:21.0695 0x13c4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:18:21.0726 0x13c4 cdfs - ok
12:18:21.0757 0x13c4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:18:21.0773 0x13c4 cdrom - ok
12:18:21.0804 0x13c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:18:21.0835 0x13c4 CertPropSvc - ok
12:18:21.0835 0x13c4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:18:21.0851 0x13c4 circlass - ok
12:18:21.0913 0x13c4 [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys
12:18:21.0945 0x13c4 CLFS - ok
12:18:22.0038 0x13c4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:18:22.0069 0x13c4 clr_optimization_v2.0.50727_32 - ok
12:18:22.0116 0x13c4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:18:22.0132 0x13c4 clr_optimization_v2.0.50727_64 - ok
12:18:22.0257 0x13c4 [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:18:22.0288 0x13c4 clr_optimization_v4.0.30319_32 - ok
12:18:22.0303 0x13c4 [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:18:22.0319 0x13c4 clr_optimization_v4.0.30319_64 - ok
12:18:22.0335 0x13c4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:18:22.0366 0x13c4 CmBatt - ok
12:18:22.0381 0x13c4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:18:22.0381 0x13c4 cmdide - ok
12:18:22.0428 0x13c4 [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
12:18:22.0444 0x13c4 CNG - ok
12:18:22.0444 0x13c4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:18:22.0459 0x13c4 Compbatt - ok
12:18:22.0475 0x13c4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:18:22.0491 0x13c4 CompositeBus - ok
12:18:22.0506 0x13c4 COMSysApp - ok
12:18:22.0537 0x13c4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:18:22.0537 0x13c4 crcdisk - ok
12:18:22.0600 0x13c4 [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:18:22.0647 0x13c4 CryptSvc - ok
12:18:22.0693 0x13c4 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
12:18:22.0740 0x13c4 DcomLaunch - ok
12:18:22.0803 0x13c4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:18:22.0865 0x13c4 defragsvc - ok
12:18:22.0896 0x13c4 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:18:22.0959 0x13c4 DfsC - ok
12:18:22.0990 0x13c4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:18:23.0052 0x13c4 Dhcp - ok
12:18:23.0161 0x13c4 [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
12:18:23.0224 0x13c4 DiagTrack - ok
12:18:23.0239 0x13c4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:18:23.0317 0x13c4 discache - ok
12:18:23.0364 0x13c4 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
12:18:23.0380 0x13c4 Disk - ok
12:18:23.0427 0x13c4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:18:23.0473 0x13c4 Dnscache - ok
12:18:23.0505 0x13c4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:18:23.0551 0x13c4 dot3svc - ok
12:18:23.0583 0x13c4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:18:23.0614 0x13c4 DPS - ok
12:18:23.0676 0x13c4 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:18:23.0707 0x13c4 drmkaud - ok
12:18:23.0801 0x13c4 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:18:23.0848 0x13c4 DXGKrnl - ok
12:18:23.0863 0x13c4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:18:23.0895 0x13c4 EapHost - ok
12:18:24.0004 0x13c4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:18:24.0082 0x13c4 ebdrv - ok
12:18:24.0129 0x13c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] EFS C:\Windows\System32\lsass.exe
12:18:24.0160 0x13c4 EFS - ok
12:18:24.0285 0x13c4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:18:24.0363 0x13c4 ehRecvr - ok
12:18:24.0378 0x13c4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:18:24.0425 0x13c4 ehSched - ok
12:18:24.0472 0x13c4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:18:24.0503 0x13c4 elxstor - ok
12:18:24.0519 0x13c4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:18:24.0534 0x13c4 ErrDev - ok
12:18:24.0581 0x13c4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:18:24.0628 0x13c4 EventSystem - ok
12:18:24.0659 0x13c4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:18:24.0690 0x13c4 exfat - ok
12:18:24.0706 0x13c4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:18:24.0753 0x13c4 fastfat - ok
12:18:24.0799 0x13c4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:18:24.0831 0x13c4 Fax - ok
12:18:24.0846 0x13c4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:18:24.0862 0x13c4 fdc - ok
12:18:24.0877 0x13c4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:18:24.0909 0x13c4 fdPHost - ok
12:18:24.0924 0x13c4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:18:24.0955 0x13c4 FDResPub - ok
12:18:24.0987 0x13c4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:18:24.0987 0x13c4 FileInfo - ok
12:18:25.0002 0x13c4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:18:25.0096 0x13c4 Filetrace - ok
12:18:25.0111 0x13c4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:18:25.0127 0x13c4 flpydisk - ok
12:18:25.0143 0x13c4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:18:25.0158 0x13c4 FltMgr - ok
12:18:25.0252 0x13c4 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
12:18:25.0361 0x13c4 FontCache - ok
12:18:25.0486 0x13c4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:18:25.0517 0x13c4 FontCache3.0.0.0 - ok
12:18:25.0517 0x13c4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:18:25.0548 0x13c4 FsDepends - ok
12:18:25.0720 0x13c4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:18:25.0751 0x13c4 Fs_Rec - ok
12:18:25.0813 0x13c4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:18:25.0845 0x13c4 fvevol - ok
12:18:25.0845 0x13c4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:18:25.0860 0x13c4 gagp30kx - ok
12:18:25.0938 0x13c4 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
12:18:26.0001 0x13c4 gpsvc - ok
12:18:26.0094 0x13c4 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:18:26.0125 0x13c4 gupdate - ok
12:18:26.0157 0x13c4 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:18:26.0157 0x13c4 gupdatem - ok
12:18:26.0172 0x13c4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:18:26.0250 0x13c4 hcw85cir - ok
12:18:26.0313 0x13c4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:18:26.0359 0x13c4 HdAudAddService - ok
12:18:26.0391 0x13c4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:18:26.0406 0x13c4 HDAudBus - ok
12:18:26.0406 0x13c4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:18:26.0422 0x13c4 HidBatt - ok
12:18:26.0437 0x13c4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:18:26.0453 0x13c4 HidBth - ok
12:18:26.0484 0x13c4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:18:26.0500 0x13c4 HidIr - ok
12:18:26.0547 0x13c4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:18:26.0593 0x13c4 hidserv - ok
12:18:26.0625 0x13c4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:18:26.0656 0x13c4 HidUsb - ok
12:18:26.0671 0x13c4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:18:26.0703 0x13c4 hkmsvc - ok
12:18:26.0718 0x13c4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:18:26.0765 0x13c4 HomeGroupListener - ok
12:18:26.0796 0x13c4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:18:26.0827 0x13c4 HomeGroupProvider - ok
12:18:26.0827 0x13c4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:18:26.0843 0x13c4 HpSAMD - ok
12:18:26.0937 0x13c4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:18:27.0030 0x13c4 HTTP - ok
12:18:27.0046 0x13c4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:18:27.0061 0x13c4 hwpolicy - ok
12:18:27.0077 0x13c4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:18:27.0093 0x13c4 i8042prt - ok
12:18:27.0155 0x13c4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:18:27.0186 0x13c4 iaStorV - ok
12:18:27.0264 0x13c4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:18:27.0311 0x13c4 idsvc - ok
12:18:27.0327 0x13c4 IEEtwCollectorService - ok
12:18:27.0327 0x13c4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:18:27.0342 0x13c4 iirsp - ok
12:18:27.0436 0x13c4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:18:27.0483 0x13c4 IKEEXT - ok
12:18:27.0607 0x13c4 [ F2744FD54BE1580BE05916D1C755C92A, 27FAC146876B6C6EBE0C00CDEC3E01C69DACB2584BEC85DD0FE5B55AD2157452 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:18:27.0701 0x13c4 IntcAzAudAddService - ok
12:18:27.0717 0x13c4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:18:27.0717 0x13c4 intelide - ok
12:18:27.0732 0x13c4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
12:18:27.0748 0x13c4 intelppm - ok
12:18:27.0779 0x13c4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:18:27.0810 0x13c4 IPBusEnum - ok
12:18:27.0810 0x13c4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:18:27.0857 0x13c4 IpFilterDriver - ok
12:18:27.0919 0x13c4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:18:27.0951 0x13c4 iphlpsvc - ok
12:18:27.0951 0x13c4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:18:27.0966 0x13c4 IPMIDRV - ok
12:18:27.0982 0x13c4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:18:28.0029 0x13c4 IPNAT - ok
12:18:28.0044 0x13c4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:18:28.0060 0x13c4 IRENUM - ok
12:18:28.0075 0x13c4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:18:28.0091 0x13c4 isapnp - ok
12:18:28.0122 0x13c4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:18:28.0138 0x13c4 iScsiPrt - ok
12:18:28.0153 0x13c4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:18:28.0169 0x13c4 kbdclass - ok
12:18:28.0185 0x13c4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:18:28.0185 0x13c4 kbdhid - ok
12:18:28.0200 0x13c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso C:\Windows\system32\lsass.exe
12:18:28.0216 0x13c4 KeyIso - ok
12:18:28.0263 0x13c4 [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:18:28.0278 0x13c4 KSecDD - ok
12:18:28.0294 0x13c4 [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:18:28.0294 0x13c4 KSecPkg - ok
12:18:28.0309 0x13c4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:18:28.0341 0x13c4 ksthunk - ok
12:18:28.0387 0x13c4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:18:28.0434 0x13c4 KtmRm - ok
12:18:28.0512 0x13c4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:18:28.0575 0x13c4 LanmanServer - ok
12:18:28.0590 0x13c4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:18:28.0637 0x13c4 LanmanWorkstation - ok
12:18:28.0668 0x13c4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:18:28.0699 0x13c4 lltdio - ok
12:18:28.0731 0x13c4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:18:28.0777 0x13c4 lltdsvc - ok
12:18:28.0793 0x13c4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:18:28.0840 0x13c4 lmhosts - ok
12:18:28.0855 0x13c4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:18:28.0871 0x13c4 LSI_FC - ok
12:18:28.0887 0x13c4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:18:28.0902 0x13c4 LSI_SAS - ok
12:18:28.0918 0x13c4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:18:28.0918 0x13c4 LSI_SAS2 - ok
12:18:28.0933 0x13c4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:18:28.0949 0x13c4 LSI_SCSI - ok
12:18:28.0965 0x13c4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:18:28.0996 0x13c4 luafv - ok
12:18:29.0027 0x13c4 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:18:29.0043 0x13c4 MBAMProtector - ok
12:18:29.0199 0x13c4 [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
12:18:29.0245 0x13c4 MBAMScheduler - ok
12:18:29.0308 0x13c4 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
12:18:29.0355 0x13c4 MBAMService - ok
12:18:29.0417 0x13c4 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
12:18:29.0448 0x13c4 MBAMSwissArmy - ok
12:18:29.0464 0x13c4 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:18:29.0479 0x13c4 MBAMWebAccessControl - ok
12:18:29.0604 0x13c4 [ 429E9838454921D860277C4F164ED2B4, B45F9A9035DEB22AB3FC958278539647561B364FF8F9F2F12C590866927B6EB8 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe
12:18:29.0651 0x13c4 McComponentHostService - ok
12:18:29.0698 0x13c4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:18:29.0713 0x13c4 Mcx2Svc - ok
12:18:29.0729 0x13c4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:18:29.0729 0x13c4 megasas - ok
12:18:29.0760 0x13c4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:18:29.0776 0x13c4 MegaSR - ok
12:18:29.0823 0x13c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:18:29.0901 0x13c4 MMCSS - ok
12:18:29.0916 0x13c4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:18:29.0947 0x13c4 Modem - ok
12:18:29.0979 0x13c4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:18:29.0979 0x13c4 monitor - ok
12:18:29.0994 0x13c4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:18:30.0010 0x13c4 mouclass - ok
12:18:30.0025 0x13c4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:18:30.0057 0x13c4 mouhid - ok
12:18:30.0088 0x13c4 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:18:30.0103 0x13c4 mountmgr - ok
12:18:30.0150 0x13c4 [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:18:30.0166 0x13c4 MozillaMaintenance - ok
12:18:30.0181 0x13c4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:18:30.0197 0x13c4 mpio - ok
12:18:30.0213 0x13c4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:18:30.0259 0x13c4 mpsdrv - ok
12:18:30.0306 0x13c4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:18:30.0353 0x13c4 MpsSvc - ok
12:18:30.0384 0x13c4 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:18:30.0415 0x13c4 MRxDAV - ok
12:18:30.0462 0x13c4 [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:18:30.0478 0x13c4 mrxsmb - ok
12:18:30.0509 0x13c4 [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:18:30.0540 0x13c4 mrxsmb10 - ok
12:18:30.0587 0x13c4 [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:18:30.0618 0x13c4 mrxsmb20 - ok
12:18:30.0665 0x13c4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:18:30.0681 0x13c4 msahci - ok
12:18:30.0681 0x13c4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:18:30.0696 0x13c4 msdsm - ok
12:18:30.0727 0x13c4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:18:30.0743 0x13c4 MSDTC - ok
12:18:30.0774 0x13c4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:18:30.0805 0x13c4 Msfs - ok
12:18:30.0821 0x13c4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:18:30.0868 0x13c4 mshidkmdf - ok
12:18:30.0868 0x13c4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:18:30.0883 0x13c4 msisadrv - ok
12:18:30.0915 0x13c4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:18:30.0961 0x13c4 MSiSCSI - ok
12:18:30.0961 0x13c4 msiserver - ok
12:18:30.0993 0x13c4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:18:31.0024 0x13c4 MSKSSRV - ok
12:18:31.0039 0x13c4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:18:31.0117 0x13c4 MSPCLOCK - ok
12:18:31.0133 0x13c4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:18:31.0227 0x13c4 MSPQM - ok
12:18:31.0273 0x13c4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:18:31.0289 0x13c4 MsRPC - ok
12:18:31.0305 0x13c4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:18:31.0320 0x13c4 mssmbios - ok
12:18:31.0320 0x13c4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:18:31.0351 0x13c4 MSTEE - ok
12:18:31.0367 0x13c4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:18:31.0398 0x13c4 MTConfig - ok
12:18:31.0414 0x13c4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:18:31.0429 0x13c4 Mup - ok
12:18:31.0476 0x13c4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:18:31.0523 0x13c4 napagent - ok
12:18:31.0554 0x13c4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:18:31.0570 0x13c4 NativeWifiP - ok
12:18:31.0663 0x13c4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:18:31.0695 0x13c4 NDIS - ok
12:18:31.0710 0x13c4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:18:31.0741 0x13c4 NdisCap - ok
12:18:31.0773 0x13c4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:18:31.0804 0x13c4 NdisTapi - ok
12:18:31.0819 0x13c4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:18:31.0866 0x13c4 Ndisuio - ok
12:18:31.0897 0x13c4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:18:31.0929 0x13c4 NdisWan - ok
12:18:31.0944 0x13c4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:18:31.0975 0x13c4 NDProxy - ok
12:18:31.0991 0x13c4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:18:32.0022 0x13c4 NetBIOS - ok
12:18:32.0069 0x13c4 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:18:32.0131 0x13c4 NetBT - ok
12:18:32.0147 0x13c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon C:\Windows\system32\lsass.exe
12:18:32.0147 0x13c4 Netlogon - ok
12:18:32.0178 0x13c4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:18:32.0225 0x13c4 Netman - ok
12:18:32.0287 0x13c4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:32.0334 0x13c4 NetMsmqActivator - ok
12:18:32.0350 0x13c4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:32.0381 0x13c4 NetPipeActivator - ok
12:18:32.0397 0x13c4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:18:32.0443 0x13c4 netprofm - ok
12:18:32.0459 0x13c4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:32.0459 0x13c4 NetTcpActivator - ok
12:18:32.0475 0x13c4 [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:32.0490 0x13c4 NetTcpPortSharing - ok
12:18:32.0506 0x13c4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:18:32.0537 0x13c4 nfrd960 - ok
12:18:32.0568 0x13c4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:18:32.0615 0x13c4 NlaSvc - ok
12:18:32.0646 0x13c4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:18:32.0662 0x13c4 Npfs - ok
12:18:32.0693 0x13c4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:18:32.0724 0x13c4 nsi - ok
12:18:32.0740 0x13c4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:18:32.0771 0x13c4 nsiproxy - ok
12:18:32.0880 0x13c4 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:18:32.0958 0x13c4 Ntfs - ok
12:18:32.0974 0x13c4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:18:33.0005 0x13c4 Null - ok
12:18:33.0067 0x13c4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:18:33.0067 0x13c4 nvraid - ok
12:18:33.0114 0x13c4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:18:33.0145 0x13c4 nvstor - ok
12:18:33.0161 0x13c4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:18:33.0177 0x13c4 nv_agp - ok
12:18:33.0192 0x13c4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:18:33.0208 0x13c4 ohci1394 - ok
12:18:33.0286 0x13c4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:18:33.0317 0x13c4 ose - ok
12:18:33.0551 0x13c4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:18:33.0676 0x13c4 osppsvc - ok
12:18:33.0723 0x13c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:18:33.0754 0x13c4 p2pimsvc - ok
12:18:33.0785 0x13c4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:18:33.0801 0x13c4 p2psvc - ok
12:18:33.0816 0x13c4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:18:33.0832 0x13c4 Parport - ok
12:18:33.0879 0x13c4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:18:33.0879 0x13c4 partmgr - ok
12:18:33.0941 0x13c4 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
12:18:33.0988 0x13c4 PcaSvc - ok
12:18:34.0003 0x13c4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:18:34.0019 0x13c4 pci - ok
12:18:34.0066 0x13c4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:18:34.0097 0x13c4 pciide - ok
12:18:34.0097 0x13c4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:18:34.0128 0x13c4 pcmcia - ok
12:18:34.0144 0x13c4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:18:34.0144 0x13c4 pcw - ok
12:18:34.0175 0x13c4 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:18:34.0206 0x13c4 PEAUTH - ok
12:18:34.0300 0x13c4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:18:34.0331 0x13c4 PerfHost - ok
12:18:34.0409 0x13c4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:18:34.0456 0x13c4 pla - ok
12:18:34.0518 0x13c4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:18:34.0596 0x13c4 PlugPlay - ok
12:18:34.0612 0x13c4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:18:34.0627 0x13c4 PNRPAutoReg - ok
12:18:34.0674 0x13c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:18:34.0705 0x13c4 PNRPsvc - ok
12:18:34.0768 0x13c4 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:18:34.0799 0x13c4 PolicyAgent - ok
12:18:34.0815 0x13c4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:18:34.0861 0x13c4 Power - ok
12:18:34.0939 0x13c4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:18:34.0986 0x13c4 PptpMiniport - ok
12:18:35.0002 0x13c4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:18:35.0002 0x13c4 Processor - ok
12:18:35.0049 0x13c4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
12:18:35.0080 0x13c4 ProfSvc - ok
12:18:35.0095 0x13c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:18:35.0111 0x13c4 ProtectedStorage - ok
12:18:35.0127 0x13c4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:18:35.0158 0x13c4 Psched - ok
12:18:35.0220 0x13c4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:18:35.0267 0x13c4 ql2300 - ok
12:18:35.0283 0x13c4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:18:35.0298 0x13c4 ql40xx - ok
12:18:35.0345 0x13c4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:18:35.0376 0x13c4 QWAVE - ok
12:18:35.0392 0x13c4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:18:35.0423 0x13c4 QWAVEdrv - ok
12:18:35.0548 0x13c4 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
12:18:35.0579 0x13c4 RapiMgr - ok
12:18:35.0579 0x13c4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:18:35.0626 0x13c4 RasAcd - ok
12:18:35.0673 0x13c4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:18:35.0704 0x13c4 RasAgileVpn - ok
12:18:35.0704 0x13c4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:18:35.0766 0x13c4 RasAuto - ok
12:18:35.0782 0x13c4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:18:35.0829 0x13c4 Rasl2tp - ok
12:18:35.0860 0x13c4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:18:35.0907 0x13c4 RasMan - ok
12:18:35.0922 0x13c4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:18:35.0985 0x13c4 RasPppoe - ok
12:18:36.0031 0x13c4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:18:36.0078 0x13c4 RasSstp - ok
12:18:36.0109 0x13c4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:18:36.0141 0x13c4 rdbss - ok
12:18:36.0141 0x13c4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:18:36.0156 0x13c4 rdpbus - ok
12:18:36.0187 0x13c4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:18:36.0250 0x13c4 RDPCDD - ok
12:18:36.0265 0x13c4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:18:36.0297 0x13c4 RDPENCDD - ok
12:18:36.0312 0x13c4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:18:36.0406 0x13c4 RDPREFMP - ok
12:18:36.0499 0x13c4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:18:36.0577 0x13c4 RdpVideoMiniport - ok
12:18:36.0624 0x13c4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:18:36.0655 0x13c4 RDPWD - ok
12:18:36.0671 0x13c4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:18:36.0687 0x13c4 rdyboost - ok
12:18:36.0718 0x13c4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:18:36.0765 0x13c4 RemoteAccess - ok
12:18:36.0796 0x13c4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:18:36.0827 0x13c4 RemoteRegistry - ok
12:18:36.0843 0x13c4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:18:36.0889 0x13c4 RpcEptMapper - ok
12:18:36.0905 0x13c4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:18:36.0921 0x13c4 RpcLocator - ok
12:18:36.0983 0x13c4 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
12:18:36.0999 0x13c4 RpcSs - ok
12:18:37.0030 0x13c4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:18:37.0092 0x13c4 rspndr - ok
12:18:37.0170 0x13c4 [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:18:37.0217 0x13c4 RTL8167 - ok
12:18:37.0217 0x13c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] SamSs C:\Windows\system32\lsass.exe
12:18:37.0233 0x13c4 SamSs - ok
12:18:37.0233 0x13c4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:18:37.0248 0x13c4 sbp2port - ok
12:18:37.0279 0x13c4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:18:37.0326 0x13c4 SCardSvr - ok
12:18:37.0326 0x13c4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:18:37.0357 0x13c4 scfilter - ok
12:18:37.0451 0x13c4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
12:18:37.0498 0x13c4 Schedule - ok
12:18:37.0545 0x13c4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:18:37.0591 0x13c4 SCPolicySvc - ok
12:18:37.0607 0x13c4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:18:37.0654 0x13c4 SDRSVC - ok
12:18:37.0685 0x13c4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:18:37.0732 0x13c4 secdrv - ok
12:18:37.0779 0x13c4 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
12:18:37.0794 0x13c4 seclogon - ok
12:18:37.0810 0x13c4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:18:37.0857 0x13c4 SENS - ok
12:18:37.0888 0x13c4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:18:37.0950 0x13c4 SensrSvc - ok
12:18:37.0966 0x13c4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:18:37.0981 0x13c4 Serenum - ok
12:18:37.0997 0x13c4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
12:18:38.0013 0x13c4 Serial - ok
12:18:38.0028 0x13c4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:18:38.0059 0x13c4 sermouse - ok
12:18:38.0091 0x13c4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:18:38.0137 0x13c4 SessionEnv - ok
12:18:38.0153 0x13c4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:18:38.0169 0x13c4 sffdisk - ok
12:18:38.0169 0x13c4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:18:38.0200 0x13c4 sffp_mmc - ok
12:18:38.0231 0x13c4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:18:38.0231 0x13c4 sffp_sd - ok
12:18:38.0247 0x13c4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:18:38.0247 0x13c4 sfloppy - ok
12:18:38.0309 0x13c4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:18:38.0371 0x13c4 SharedAccess - ok
12:18:38.0418 0x13c4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:18:38.0449 0x13c4 ShellHWDetection - ok
12:18:38.0465 0x13c4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:18:38.0481 0x13c4 SiSRaid2 - ok
12:18:38.0481 0x13c4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:18:38.0496 0x13c4 SiSRaid4 - ok
12:18:38.0496 0x13c4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:18:38.0527 0x13c4 Smb - ok
12:18:38.0559 0x13c4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:18:38.0574 0x13c4 SNMPTRAP - ok
12:18:38.0699 0x13c4 [ 97F08F8E5CB913E3DF467A35767866B6, F75C1D157D7AF5C2B691D8495D38C5A65944C93F5D4A3EA9813B07E4AF3E3E68 ] SpeedupService C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
12:18:38.0730 0x13c4 SpeedupService - ok
12:18:38.0746 0x13c4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:18:38.0761 0x13c4 spldr - ok
12:18:38.0839 0x13c4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:18:38.0886 0x13c4 Spooler - ok
12:18:39.0027 0x13c4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:18:39.0120 0x13c4 sppsvc - ok
12:18:39.0151 0x13c4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:18:39.0198 0x13c4 sppuinotify - ok
12:18:39.0245 0x13c4 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:18:39.0292 0x13c4 srv - ok
12:18:39.0339 0x13c4 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:18:39.0370 0x13c4 srv2 - ok
12:18:39.0401 0x13c4 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:18:39.0417 0x13c4 srvnet - ok
12:18:39.0432 0x13c4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:18:39.0463 0x13c4 SSDPSRV - ok
12:18:39.0495 0x13c4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:18:39.0541 0x13c4 SstpSvc - ok
12:18:39.0573 0x13c4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:18:39.0573 0x13c4 stexstor - ok
12:18:39.0619 0x13c4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:18:39.0651 0x13c4 stisvc - ok
12:18:39.0666 0x13c4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:18:39.0682 0x13c4 swenum - ok
12:18:39.0729 0x13c4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:18:39.0775 0x13c4 swprv - ok
12:18:39.0853 0x13c4 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
12:18:39.0947 0x13c4 SysMain - ok
12:18:39.0978 0x13c4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:18:39.0994 0x13c4 TabletInputService - ok
12:18:40.0009 0x13c4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:18:40.0072 0x13c4 TapiSrv - ok
12:18:40.0212 0x13c4 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:18:40.0259 0x13c4 Tcpip - ok
12:18:40.0368 0x13c4 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:18:40.0415 0x13c4 TCPIP6 - ok
12:18:40.0462 0x13c4 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:18:40.0524 0x13c4 tcpipreg - ok
12:18:40.0555 0x13c4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:18:40.0602 0x13c4 TDPIPE - ok
12:18:40.0665 0x13c4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:18:40.0711 0x13c4 TDTCP - ok
12:18:40.0743 0x13c4 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:18:40.0758 0x13c4 tdx - ok
12:18:40.0945 0x13c4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:18:40.0977 0x13c4 TermDD - ok
12:18:41.0023 0x13c4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:18:41.0101 0x13c4 TermService - ok
12:18:41.0117 0x13c4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:18:41.0164 0x13c4 Themes - ok
12:18:41.0211 0x13c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:18:41.0242 0x13c4 THREADORDER - ok
12:18:41.0273 0x13c4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:18:41.0304 0x13c4 TrkWks - ok
12:18:41.0413 0x13c4 [ 6D8B6AFF929CFEBD77EE8CC1D03857A7, D40B630A31BBAE97EFA09E6DC59C1C20B0563CF1E38BE207BB577705B5A09159 ] TrueKey C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
12:18:41.0460 0x13c4 TrueKey - ok
12:18:41.0507 0x13c4 [ 050BDF54D8D89C14971FA7A928A8C781, B05FA95082FE1AD0DA8613C01E9AACD18005104353E1584519754DB1D2F2323D ] TrueKeyScheduler C:\Program Files\TrueKey\McTkSchedulerService.exe
12:18:41.0538 0x13c4 TrueKeyScheduler - ok
12:18:41.0554 0x13c4 [ A954D5B1BC55BCA1308CA001C08DCB8F, F5BC1FD813B9D276DD61C3AEAFD76D07405F70AA6691A340B70D53E1D2F9753A ] TrueKeyServiceHelper C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
12:18:41.0585 0x13c4 TrueKeyServiceHelper - ok
12:18:41.0647 0x13c4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:18:41.0757 0x13c4 TrustedInstaller - ok
12:18:41.0803 0x13c4 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:18:41.0850 0x13c4 tssecsrv - ok
12:18:41.0897 0x13c4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:18:41.0928 0x13c4 TsUsbFlt - ok
12:18:41.0959 0x13c4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:18:42.0006 0x13c4 TsUsbGD - ok
12:18:42.0240 0x13c4 [ 2F09E7B063C0DB79A8CA4EDB66429F6B, D3525F064D796544F7EAF9D5C37EDF33E08A19A7C13E2ABD4FD7119CF0C8E5E4 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
12:18:42.0381 0x13c4 TuneUp.UtilitiesSvc - ok
12:18:42.0443 0x13c4 [ 9B5C98C9F9EF5E62806DCD58B0D8EACE, B4B8A3F943C2C401CA1ED05BDA0C6D631106B258FB40C433AC856DCA7E8D7F7A ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
12:18:42.0505 0x13c4 TuneUpUtilitiesDrv - ok
12:18:42.0537 0x13c4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:18:42.0583 0x13c4 tunnel - ok
12:18:42.0583 0x13c4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:18:42.0599 0x13c4 uagp35 - ok
12:18:42.0615 0x13c4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:18:42.0646 0x13c4 udfs - ok
12:18:42.0693 0x13c4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:18:42.0693 0x13c4 UI0Detect - ok
12:18:42.0708 0x13c4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:18:42.0708 0x13c4 uliagpkx - ok
12:18:42.0724 0x13c4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:18:42.0739 0x13c4 umbus - ok
12:18:42.0739 0x13c4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:18:42.0755 0x13c4 UmPass - ok
12:18:42.0786 0x13c4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:18:42.0817 0x13c4 upnphost - ok
12:18:42.0849 0x13c4 [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
12:18:42.0927 0x13c4 usbccgp - ok
12:18:42.0973 0x13c4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:18:43.0005 0x13c4 usbcir - ok
12:18:43.0036 0x13c4 [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:18:43.0067 0x13c4 usbehci - ok
12:18:43.0114 0x13c4 [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys
12:18:43.0129 0x13c4 usbhub - ok
12:18:43.0176 0x13c4 [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:18:43.0207 0x13c4 usbohci - ok
12:18:43.0223 0x13c4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:18:43.0285 0x13c4 usbprint - ok
12:18:43.0317 0x13c4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:18:43.0332 0x13c4 usbscan - ok
12:18:43.0379 0x13c4 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:18:43.0410 0x13c4 USBSTOR - ok
12:18:43.0457 0x13c4 [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:18:43.0504 0x13c4 usbuhci - ok
12:18:43.0535 0x13c4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:18:43.0566 0x13c4 UxSms - ok
12:18:43.0644 0x13c4 [ D4070827C8EE4039FD65532CED62C0B0, 03270B9F74F48C92F1DFA15BD9F451CD19AE78D390717E2C2B8B0A2810454916 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
12:18:43.0660 0x13c4 UxTuneUp - ok
12:18:43.0675 0x13c4 [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] VaultSvc C:\Windows\system32\lsass.exe
12:18:43.0691 0x13c4 VaultSvc - ok
12:18:43.0691 0x13c4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:18:43.0707 0x13c4 vdrvroot - ok
12:18:43.0738 0x13c4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:18:43.0785 0x13c4 vds - ok
12:18:43.0800 0x13c4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:18:43.0816 0x13c4 vga - ok
12:18:43.0831 0x13c4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:18:43.0878 0x13c4 VgaSave - ok
12:18:43.0894 0x13c4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:18:43.0909 0x13c4 vhdmp - ok
12:18:43.0941 0x13c4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:18:43.0941 0x13c4 viaide - ok
12:18:43.0987 0x13c4 VideoAcceleratorService - ok
12:18:44.0003 0x13c4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:18:44.0034 0x13c4 volmgr - ok
12:18:44.0050 0x13c4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:18:44.0065 0x13c4 volmgrx - ok
12:18:44.0081 0x13c4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:18:44.0097 0x13c4 volsnap - ok
12:18:44.0128 0x13c4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:18:44.0128 0x13c4 vsmraid - ok
12:18:44.0190 0x13c4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:18:44.0253 0x13c4 VSS - ok
12:18:44.0268 0x13c4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:18:44.0284 0x13c4 vwifibus - ok
12:18:44.0299 0x13c4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:18:44.0346 0x13c4 W32Time - ok
12:18:44.0393 0x13c4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:18:44.0440 0x13c4 WacomPen - ok
12:18:44.0471 0x13c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:18:44.0502 0x13c4 WANARP - ok
12:18:44.0502 0x13c4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:18:44.0533 0x13c4 Wanarpv6 - ok
12:18:44.0596 0x13c4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:18:44.0658 0x13c4 wbengine - ok
12:18:44.0674 0x13c4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:18:44.0689 0x13c4 WbioSrvc - ok
12:18:44.0783 0x13c4 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
12:18:44.0814 0x13c4 WcesComm - ok
12:18:44.0846 0x13c4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:18:44.0877 0x13c4 wcncsvc - ok
12:18:44.0908 0x13c4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:18:44.0955 0x13c4 WcsPlugInService - ok
12:18:44.0970 0x13c4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:18:44.0986 0x13c4 Wd - ok
12:18:45.0033 0x13c4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:18:45.0064 0x13c4 Wdf01000 - ok
12:18:45.0095 0x13c4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:18:45.0126 0x13c4 WdiServiceHost - ok
12:18:45.0126 0x13c4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:18:45.0142 0x13c4 WdiSystemHost - ok
12:18:45.0189 0x13c4 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
12:18:45.0204 0x13c4 WebClient - ok
12:18:45.0220 0x13c4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:18:45.0251 0x13c4 Wecsvc - ok
12:18:45.0267 0x13c4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:18:45.0314 0x13c4 wercplsupport - ok
12:18:45.0345 0x13c4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:18:45.0376 0x13c4 WerSvc - ok
12:18:45.0392 0x13c4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:18:45.0423 0x13c4 WfpLwf - ok
12:18:45.0438 0x13c4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:18:45.0438 0x13c4 WIMMount - ok
12:18:45.0485 0x13c4 WinDefend - ok
12:18:45.0485 0x13c4 WinHttpAutoProxySvc - ok
12:18:45.0579 0x13c4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:18:45.0626 0x13c4 Winmgmt - ok
12:18:45.0735 0x13c4 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
12:18:45.0782 0x13c4 WinRM - ok
12:18:45.0875 0x13c4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WINUSB C:\Windows\system32\DRIVERS\WinUSB.SYS
12:18:45.0891 0x13c4 WINUSB - ok
12:18:45.0984 0x13c4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:18:46.0031 0x13c4 Wlansvc - ok
12:18:46.0031 0x13c4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:18:46.0047 0x13c4 WmiAcpi - ok
12:18:46.0062 0x13c4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:18:46.0094 0x13c4 wmiApSrv - ok
12:18:46.0094 0x13c4 WMPNetworkSvc - ok
12:18:46.0125 0x13c4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:18:46.0172 0x13c4 WPCSvc - ok
12:18:46.0187 0x13c4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:18:46.0218 0x13c4 WPDBusEnum - ok
12:18:46.0234 0x13c4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:18:46.0265 0x13c4 ws2ifsl - ok
12:18:46.0296 0x13c4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:18:46.0328 0x13c4 wscsvc - ok
12:18:46.0328 0x13c4 WSearch - ok
12:18:46.0484 0x13c4 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
12:18:46.0577 0x13c4 wuauserv - ok
12:18:46.0608 0x13c4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:18:46.0640 0x13c4 WudfPf - ok
12:18:46.0655 0x13c4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:18:46.0671 0x13c4 WUDFRd - ok
12:18:46.0702 0x13c4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:18:46.0733 0x13c4 wudfsvc - ok
12:18:46.0780 0x13c4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:18:46.0796 0x13c4 WwanSvc - ok
12:18:46.0811 0x13c4 ================ Scan global ===============================
12:18:46.0858 0x13c4 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
12:18:46.0905 0x13c4 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
12:18:46.0936 0x13c4 [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
12:18:46.0983 0x13c4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:18:47.0045 0x13c4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:18:47.0061 0x13c4 [ Global ] - ok
12:18:47.0061 0x13c4 ================ Scan MBR ==================================
12:18:47.0076 0x13c4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:18:47.0420 0x13c4 \Device\Harddisk0\DR0 - ok
12:18:47.0435 0x13c4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:18:47.0544 0x13c4 \Device\Harddisk1\DR1 - ok
12:18:47.0544 0x13c4 ================ Scan VBR ==================================
12:18:47.0544 0x13c4 [ F6E7A47FFCD6127538C5F49E09D7824B ] \Device\Harddisk0\DR0\Partition1
12:18:47.0544 0x13c4 \Device\Harddisk0\DR0\Partition1 - ok
12:18:47.0560 0x13c4 [ 463D0D2A22BFCBA0CF91A5E133E380C5 ] \Device\Harddisk0\DR0\Partition2
12:18:47.0560 0x13c4 \Device\Harddisk0\DR0\Partition2 - ok
12:18:47.0560 0x13c4 [ 92850CECA0DEE3995D3D02D544E918DA ] \Device\Harddisk1\DR1\Partition1
12:18:47.0576 0x13c4 \Device\Harddisk1\DR1\Partition1 - ok
12:18:47.0576 0x13c4 ================ Scan generic autorun ======================
12:18:47.0669 0x13c4 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
12:18:47.0700 0x13c4 Windows Mobile Device Center - ok
12:18:47.0841 0x13c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:18:47.0966 0x13c4 Sidebar - ok
12:18:48.0012 0x13c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:18:48.0059 0x13c4 mctadmin - ok
12:18:48.0122 0x13c4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:18:48.0153 0x13c4 Sidebar - ok
12:18:48.0168 0x13c4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:18:48.0184 0x13c4 mctadmin - ok
12:18:48.0278 0x13c4 [ 23345F9256FFB4C68A75F2127DD6C21D, 97B029E75C2C4774C0893FB4D274A6F6CE28719842E4842FE3ABA445B5769916 ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
12:18:48.0324 0x13c4 Firefox - ok
12:18:48.0356 0x13c4 Win FW state via NFP2: enabled ( trusted )
12:18:48.0356 0x13c4 ============================================================
12:18:48.0356 0x13c4 Scan finished
12:18:48.0356 0x13c4 ============================================================
12:18:48.0371 0x10a8 Detected object count: 0
12:18:48.0371 0x10a8 Actual detected object count: 0
|
|
31.12.2016, 10:08
| #12 |
| | Windows 7: Eset findet 6 Trojaner Hallo Cosinus, ich verstehe, dass Ihr nicht alle Anfragen sofort bearbeiten könnt und es nicht mögt, wenn jemand drängelt. Am Montagmorgen muss ich allerdings meinen Vater verlassen und werde ihn einige Wochen nicht sehen. Ich muss seinen PC so hinbekommen, dass er wieder online gehen kann. Vielleicht kannst Du noch Empfehlungen für Virenscanner geben? |
|
31.12.2016, 12:58
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Eset findet 6 Trojaner Trotzdem machst du dir hier mit der Drängelei keine Freunde!  Wenn du zeitkritische Sachen hast geht das nicht über ein Forum, da musst du in einen PC-Service-Laden rennen und da hast du auch das Recht dich zu beschweren wenn es länger dauert als vereinbart. Aber nicht hier. Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.12.2016, 15:22
| #14 |
| | Windows 7: Eset findet 6 Trojaner Danke fürs Verständnis! Code:
ATTFilter # AdwCleaner v6.041 - Bericht erstellt am 31/12/2016 um 15:13:51
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-15.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : PC - PC-PC
# Gestartet von : C:\Users\PC\Downloads\msvcp120\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\PC\AppData\LocalLow\Speedbit
[-] Ordner gelöscht: C:\Users\PC\AppData\Roaming\DriverCure
[-] Ordner gelöscht: C:\Users\PC\AppData\Roaming\ParetoLogic
[-] Ordner gelöscht: C:\Program Files\Common Files\Speedbit
[-] Ordner gelöscht: C:\ProgramData\ParetoLogic
[-] Ordner gelöscht: C:\ProgramData\Speedbit
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\ParetoLogic
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Speedbit
[-] Ordner gelöscht: C:\Users\Public\Documents\Speedbit
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\ParetoLogic
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\Speedbit
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: paretologic registration3
[-] Aufgabe gelöscht: paretologic update version3
[-] Aufgabe gelöscht: ParetoLogic Update Version3 Startup Task
[-] Aufgabe gelöscht: ParetoLogic Registration3
[-] Aufgabe gelöscht: ParetoLogic Update Version3
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\uus3url-pl
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\uus3url-pl
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\SpeedBit
[-] Schlüssel gelöscht: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\distromatic
[-] Schlüssel gelöscht: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\ParetoLogic
[-] Schlüssel gelöscht: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\SpeedBit
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\SpeedBit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\distromatic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ParetoLogic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SpeedBit
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ParetoLogic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SpeedBit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\distromatic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\ParetoLogic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SpeedBit
[-] Daten wiederhergestellt: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "browser.search.defaulturl" - "hxxp://go.speedbit.com/search.aspx?s=G3Ib&q="
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" - "Speedbit Search"
[-] Firefox Einstellungen bereinigt: "browser.startup.homepage_override_url" - "hxxp://go.speedbit.com/?s=G3Ib"
[-] Firefox Einstellungen bereinigt: "keyword.URL" - "hxxp://go.speedbit.com/search.aspx?s=G3Ib&q="
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4716 Bytes] - [31/12/2016 15:13:51]
C:\AdwCleaner\AdwCleaner[S0].txt - [5017 Bytes] - [31/12/2016 15:13:11]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4862 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64
Ran by PC (Administrator) on 31.12.2016 at 15:17:27,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 26
Successfully deleted: C:\Users\PC\AppData\Roaming\dll-files.com (Folder)
Successfully deleted: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\user.js (File)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0AY5X4ON (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5MTWO6S1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5R0E1YKT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99F1URJ9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I916TUYB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXSJI1TN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WZ6SCMIE (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZE1J2U76 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0AY5X4ON (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5MTWO6S1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5R0E1YKT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99F1URJ9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I916TUYB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXSJI1TN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WZ6SCMIE (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZE1J2U76 (Temporary Internet Files Folder)
Deleted the following from C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\prefs.js
user_pref(browser.urlbar.suggest.searches, true);
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.12.2016 at 15:19:33,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
31.12.2016, 23:23
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Eset findet 6 Trojaner Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Windows 7: Eset findet 6 Trojaner |
| antivirus, avira, computer, desktop, email, festplatte, firefox, flash player, google, helper, home, homepage, langsam, mozilla, popup, problem, problem gelöst, registry, scan, security, software, svchost.exe, system, trojaner, usb, windows |
Linear-Darstellung
