| |
| |||||||
Log-Analyse und Auswertung: WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
05.03.2015, 12:21
| #1 |
 |  WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Hallo liebe Leute beim Trojaner-Board, ich habe mir wohl was eingfangen, und bitte um Hilfe: - AVIRA meldet Funde: TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Ferner habe ich Meldungen erhalten, dass auf ominöse Laufwerke nicht zugegriffen werden konnte. - Der Rechner fährt nicht immer sauber runter, sonderen bleibt hängen - generell ist er langsamer - zwischenzeitlcih habe ich, bevor ich Eure Startanleitung gelsen und durchgeführt habe, Malwarebeits installiert und laufen lassen, Malwarebytes hat ständig den Zugriff auf verdächtige Webseiten gemeldet und geblockt. Den Log-File von Malwarebytes habe ich beigefügt. Malwarebytes habe ich in er Zwischenzeit wieder deinstalliert, um Konflikte mit Avira zu vermeiden. - Beim ersten Durchlauf von GMER ist das Programm hängen geblieben. Beim 2ten mal nach Neustart ist GMER dann aber durchgelaufen. Folgende Logs anbei. Log-Files waren zu gross. Darum als Anhnag anbei. Sorry dafür! Defogger: defogger_disable.log FRST: FRST.txt und Addition.txt Gmer: Gmer.txt Malwarebytes: Malwarebyte-Scan_2015-03-05_08uhr40.txt Avira: Avira-Log_1_AVSCAN-20150305-081017-54F26CC4 und Avira-Log_2_AVSCAN-20150305-081017-54F26CC4 Ganz vielen Dank im voraus ewo defogger_disable.log: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:13 on 05/03/2015 (Wolf)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
|
|
05.03.2015, 13:05
| #2 |
| /// the machine /// TB-Ausbilder    | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Hi,
__________________Logs bitte immer in den thread posten, in codetags. Logs zur Not aufteilen.
__________________ |
|
05.03.2015, 13:29
| #3 |
| | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Hallo Schrauber,
__________________danke für die schnelle Antwort. Die Logs schicke ich folgend in separaten Beiträgen. FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01 Ran by Wolf (administrator) on WOLF-PC on 05-03-2015 10:18:10 Running from C:\Users\Wolf\Desktop Loaded Profiles: Wolf (Available profiles: Wolf & Lars) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (DeviceVM) C:\ASUS.SYS\CONFIG\DVMExportService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUSTeK Computer Inc.) C:\Program Files\ASUS\Six Engine\SixEngine.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Microsoft Corporation) C:\Program Files (x86)\EMET\EMET_notifier.exe (CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Microsoft Corporation) C:\Windows\SysWOW64\sort.exe (Microsoft Corporation) C:\Windows\splwow64.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8317472 2009-11-03] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation) HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.) HKLM\...\Run: [Easy-PrintToolBox] => C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [398944 2006-10-17] (CANON INC.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-15] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10464536 2014-07-02] (Logitech Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704248 2015-03-04] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3521464 2012-06-08] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [EMET Notifier] => C:\Program Files (x86)\EMET\EMET_notifier.exe [152152 2012-05-09] (Microsoft Corporation) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [41472 2012-04-03] () HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432 2012-06-08] () HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Run: [Google Update] => C:\Users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.) HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Run: [xlnsxpuw] => C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe [130560 2015-03-04] (ttamoSoft1) <===== ATTENTION HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Run: [pipe-according] => C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe [111104 2015-03-04] () HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Run: [transition-collect] => C:\Users\Wolf\AppData\Roaming\Transitionreduce\transition_feel.exe [197120 2015-03-05] () HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\RunOnce: [pipe-according] => C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe [111104 2015-03-04] () HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\RunOnce: [transition-collect] => C:\Users\Wolf\AppData\Roaming\Transitionreduce\transition_feel.exe [197120 2015-03-05] () HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\MountPoints2: Q - Q:\AutoRun.exe HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\MountPoints2: {24915f21-5a68-11e3-8125-bcaec50efa68} - F:\Startme.exe HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\MountPoints2: {5eff72d0-09f8-11e1-b92d-bcaec50efa68} - Q:\AutoRun.exe HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\MountPoints2: {5eff72ec-09f8-11e1-b92d-bcaec50efa68} - Q:\AutoRun.exe Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk.disabled ShortcutTarget: OpenOffice.org 3.3.lnk.disabled -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll () BootExecute: autocheck autochk * sdnclean64.exe GroupPolicyUsers\S-1-5-21-16447771-1256991811-2654833542-1003\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=D021915-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961 HKU\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp URLSearchHook: HKU\S-1-5-21-16447771-1256991811-2654833542-1001 - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File SearchScopes: HKU\S-1-5-21-16447771-1256991811-2654833542-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D021915-ABA01A7CCEB2146F8A7F&form=CONBDF&conlogo=CT3330961&q={searchTerms} SearchScopes: HKU\S-1-5-21-16447771-1256991811-2654833542-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D021915-ABA01A7CCEB2146F8A7F&form=CONBDF&conlogo=CT3330961&q={searchTerms} SearchScopes: HKU\S-1-5-21-16447771-1256991811-2654833542-1001 -> {71D1E031-4DCE-4ACE-82C5-356849DBADBE} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GGLD_de BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-16447771-1256991811-2654833542-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKU\S-1-5-21-16447771-1256991811-2654833542-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default FF DefaultSearchEngine: DuckDuckGo de FF SelectedSearchEngine: Bing FF Homepage: hxxp://www.adfc-frankfurt.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF Plugin HKU\S-1-5-21-16447771-1256991811-2654833542-1001: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( ) FF Plugin HKU\S-1-5-21-16447771-1256991811-2654833542-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Wolf\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-16447771-1256991811-2654833542-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Wolf\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-16447771-1256991811-2654833542-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Wolf\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-16447771-1256991811-2654833542-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Plugin ProgramFiles/Appdata: C:\Users\Wolf\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation) FF SearchPlugin: C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\searchplugins\duckduckgo-de.xml FF SearchPlugin: C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\searchplugins\googlede.xml FF Extension: DOM Inspector - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\inspector@mozilla.org [2014-12-16] FF Extension: Windows Media Player Extension for Firefox - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\jid0-nRwp7VvCqZcSRTppwWz2npqGEKw@jetpack [2012-04-20] FF Extension: WebRank SEO Toolbar - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\webrank-toolbar@probcomp.com [2013-12-03] FF Extension: WOT - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26] FF Extension: Firebug - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\firebug@software.joehewitt.com.xpi [2013-04-26] FF Extension: Awesome screenshot: Capture and Annotate - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2013-10-26] FF Extension: Google search link fix - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2013-10-26] FF Extension: PixelZoomer - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\pixelzoomer@matthiasschuetz.com.xpi [2012-03-28] FF Extension: Pure URL - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\pure-url@jetpack.xpi [2013-09-16] FF Extension: Saved Password Editor - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\savedpasswordeditor@daniel.dawson.xpi [2014-06-03] FF Extension: Tile Tabs - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\tiletabs@DW-dev.xpi [2014-08-22] FF Extension: All-in-One Sidebar - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2012-02-29] FF Extension: Flagfox - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08] FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2012-03-01] FF Extension: NoScript - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-12-19] FF Extension: Web Developer - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-01-27] FF Extension: Adblock Plus - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-04-22] FF Extension: DownThemAll! - C:\Users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-02-29] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-04-03] Chrome: ======= CHR Profile: C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-26] CHR Extension: (Google Wallet) - C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-03] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-02-15] (Adobe Systems Incorporated) R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [806192 2015-03-04] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-04] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992048 2015-03-04] (Avira Operations GmbH & Co. KG) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-04] () S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-04-23] (Macrovision Europe Ltd.) [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation) S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-04-26] (Google) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MDES; C:\ASUS.SYS\CONFIG\DVMExportService.exe [319488 2009-03-24] (DeviceVM) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-10-09] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] () R3 auusb; C:\Windows\System32\DRIVERS\auusb.sys [208616 2013-07-01] (Auerswald GmbH & Co.KG ) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG) S3 BioNTDrv; C:\Program Files (x86)\Paragon Software\Festplatten Manager 12 Professional\program\BioNTDrv.SYS [19760 2012-03-01] (Paragon Software GmbH) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.) S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-03-05] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-05] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1627520 2009-06-10] (NXP Semiconductors) S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () R1 uigxrdr; C:\Windows\System32\DRIVERS\uigxrdr.sys [199752 2011-11-16] (1&1 Mail & Media GmbH) R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90928 2012-03-01] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [632752 2012-03-01] (Paragon) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X] S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-05 10:18 - 2015-03-05 10:18 - 00031717 _____ () C:\Users\Wolf\Desktop\FRST.txt 2015-03-05 10:17 - 2015-03-05 10:18 - 00000000 ____D () C:\FRST 2015-03-05 10:17 - 2015-03-05 10:17 - 02092544 _____ (Farbar) C:\Users\Wolf\Desktop\FRST64.exe 2015-03-05 10:13 - 2015-03-05 10:13 - 00000470 _____ () C:\Users\Wolf\Desktop\defogger_disable.log 2015-03-05 10:13 - 2015-03-05 10:13 - 00000000 _____ () C:\Users\Wolf\defogger_reenable 2015-03-05 10:11 - 2015-03-05 10:11 - 00050477 _____ () C:\Users\Wolf\Desktop\Defogger.exe 2015-03-05 09:23 - 2015-03-05 09:23 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Wolf\Desktop\mbar-1.09.1.1004.exe 2015-03-05 09:23 - 2015-03-05 09:23 - 00000000 ____D () C:\Users\Wolf\Desktop\mbar 2015-03-05 08:40 - 2015-03-05 08:40 - 00004439 _____ () C:\Users\Wolf\Desktop\Malwarebyte-Scan_2015-03-05_08uhr40.txt 2015-03-05 08:33 - 2015-03-05 08:33 - 00000000 ___HD () C:\Users\Wolf\AppData\Roaming\Transitionreduce 2015-03-05 08:29 - 2015-03-05 09:31 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-05 08:28 - 2015-03-05 09:26 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-05 08:28 - 2015-03-05 08:28 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-05 08:28 - 2015-03-05 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-05 08:28 - 2015-03-05 08:28 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-05 08:28 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-05 08:28 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-04 18:22 - 2015-03-04 18:22 - 00000000 ___HD () C:\Users\Wolf\AppData\Local\Pipenose 2015-03-04 15:19 - 2015-03-04 15:19 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2015-03-04 15:19 - 2015-03-04 15:19 - 00001297 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2015-03-04 15:15 - 2015-03-04 15:15 - 00000000 ____D () C:\Users\Wolf\Desktop\adobe_apps_manager 2015-03-04 15:14 - 2015-03-04 15:14 - 68350688 _____ (Adobe Systems Incorporated) C:\Users\Wolf\Downloads\ApplicationManager8.0_all.exe 2015-03-04 14:46 - 2015-03-04 14:58 - 00000000 ____D () C:\Users\Wolf\Desktop\Adobe CS6 Design and Web Premium 2015-03-04 13:52 - 2015-03-04 13:52 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\PACE Anti-Piracy 2015-03-04 13:52 - 2015-03-04 13:52 - 00000000 ____D () C:\Users\Wolf\AppData\Local\PACE Anti-Piracy 2015-03-04 13:52 - 2015-03-04 13:52 - 00000000 ____D () C:\ProgramData\PACE Anti-Piracy 2015-03-04 13:28 - 2015-03-05 08:15 - 00000000 ____D () C:\Users\Wolf\AppData\Local\CrashDumps 2015-03-04 13:25 - 2015-03-04 13:25 - 00000000 ____D () C:\ProgramData\nppeja 2015-03-03 20:57 - 2015-03-03 20:58 - 06208736 _____ (Tim Kosse) C:\Users\Wolf\Downloads\FileZilla_3.10.2_win32-setup.exe 2015-03-01 19:33 - 2015-03-01 19:33 - 00000000 ____D () C:\Users\Wolf\AppData\Local\Steam 2015-03-01 00:48 - 2015-03-01 00:48 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Windows Live Writer 2015-03-01 00:48 - 2015-03-01 00:48 - 00000000 ____D () C:\Users\Wolf\AppData\Local\Windows Live Writer 2015-02-28 22:01 - 2015-02-28 22:01 - 00000224 _____ () C:\Users\Wolf\Desktop\▶ Making your first Jalbum album - YouTube.URL 2015-02-28 21:58 - 2015-02-28 22:20 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\jAlbum 2015-02-28 21:58 - 2015-02-28 22:19 - 00000000 ____D () C:\Users\Wolf\Documents\My Albums 2015-02-28 21:58 - 2015-02-28 21:58 - 00001027 _____ () C:\Users\Public\Desktop\jAlbum.lnk 2015-02-28 21:58 - 2015-02-28 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jAlbum 2015-02-28 21:58 - 2015-02-28 21:58 - 00000000 ____D () C:\Program Files (x86)\jAlbum 2015-02-25 21:47 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 21:47 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-25 21:00 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-25 21:00 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-25 21:00 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-25 21:00 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-02-25 12:34 - 2015-02-25 17:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-02-25 10:01 - 2015-02-25 10:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-02-23 21:43 - 2015-02-23 21:43 - 00000222 _____ () C:\Users\Lars\Desktop\Far Cry 3.url 2015-02-23 21:43 - 2015-02-23 21:43 - 00000222 _____ () C:\Users\Lars\Desktop\Dishonored.url 2015-02-23 21:42 - 2015-02-23 21:42 - 00000222 _____ () C:\Users\Lars\Desktop\DayZ.url 2015-02-23 13:55 - 2015-02-23 20:24 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-02-22 13:34 - 2015-02-22 13:34 - 00000234 _____ () C:\Users\Wolf\Desktop\view-sourcehttpwww.adfc-tour.deimagesmarker.png.URL 2015-02-21 16:07 - 2015-02-21 16:07 - 00000000 ____D () C:\Users\Lars\AppData\Local\Steam 2015-02-19 19:54 - 2015-02-19 20:08 - 00002888 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini 2015-02-19 19:54 - 2015-02-19 20:08 - 00002888 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini 2015-02-19 19:54 - 2015-02-19 19:54 - 00000000 ____D () C:\Users\Wolf\AppData\Local\CrystalDiskMark 2015-02-19 19:54 - 2015-02-18 11:55 - 00372264 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll 2015-02-19 19:54 - 2015-02-18 11:55 - 00326240 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll 2015-02-15 22:37 - 2015-03-01 10:21 - 00014240 _____ () C:\Users\Lars\Desktop\DesktopOK.ini 2015-02-15 22:37 - 2015-02-15 21:19 - 00430592 _____ (Nenad Hrg SoftwareOK) C:\Users\Lars\Desktop\DesktopOK_x64.exe 2015-02-13 10:57 - 2015-02-25 07:54 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1423821448 2015-02-13 10:57 - 2015-02-13 10:57 - 00001129 _____ () C:\Users\Public\Desktop\Opera 27.lnk 2015-02-13 10:57 - 2015-02-13 10:57 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Opera Software 2015-02-13 10:57 - 2015-02-13 10:57 - 00000000 ____D () C:\Users\Wolf\AppData\Local\Opera Software 2015-02-12 07:58 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-12 07:58 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-12 07:58 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-02-12 07:58 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-11 20:20 - 2015-02-05 18:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-02-11 20:19 - 2015-02-05 22:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-02-11 20:19 - 2015-02-05 22:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-02-11 20:19 - 2015-02-05 22:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-02-11 13:13 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-11 13:13 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-11 13:13 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-11 13:13 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-11 13:13 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-11 13:13 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-11 13:13 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-11 13:13 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-11 13:13 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 13:13 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-11 13:13 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 13:13 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-11 13:13 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-11 13:13 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-11 13:13 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-11 13:13 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-11 13:13 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 13:13 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-11 13:13 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 13:13 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-11 13:13 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-11 13:13 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-11 13:13 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 13:13 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-11 13:13 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 13:13 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 13:13 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 13:13 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 13:13 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 13:13 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 13:13 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 13:13 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-11 13:13 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-11 13:13 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-11 13:13 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 13:13 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 13:13 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-02-11 13:13 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 13:13 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-11 13:13 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-11 13:13 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-11 13:13 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-11 13:13 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-11 13:13 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-02-11 13:13 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-11 13:13 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-11 13:13 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 13:13 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-11 13:13 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-11 13:13 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-11 13:13 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 13:13 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-11 13:13 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-11 13:13 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 13:13 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-11 13:13 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-11 13:13 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-11 13:13 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-11 13:13 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-11 13:13 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-11 13:13 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 13:13 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 13:13 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 13:13 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-11 13:13 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 13:13 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 13:13 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-11 13:13 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-11 13:13 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-11 13:13 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-11 13:13 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-11 13:13 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 13:13 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 13:13 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-11 13:13 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-11 13:13 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 13:13 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 13:13 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-11 13:13 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-11 13:13 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 13:13 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-11 13:13 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 13:13 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-11 13:13 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-11 13:13 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-11 13:13 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-11 13:13 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-11 13:13 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-11 13:13 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-11 13:13 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 13:13 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-11 13:13 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-02-11 13:13 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-11 13:13 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-11 13:13 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-11 13:13 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-11 13:13 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 13:13 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 13:13 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-02-11 13:13 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-02-11 13:13 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-02-11 13:12 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 13:12 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-11 13:12 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-11 13:12 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-11 13:12 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-11 13:12 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-11 13:12 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-11 13:12 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-11 13:12 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 13:12 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-10 10:12 - 2015-02-10 10:12 - 00001733 _____ () C:\Users\Wolf\Desktop\UDK Editor.lnk 2015-02-09 20:36 - 2015-02-09 20:38 - 00001107 _____ () C:\Users\Lars\Desktop\Adobe Photoshop CS6 (64 Bit).lnk 2015-02-09 20:32 - 2015-02-09 20:32 - 00001733 _____ () C:\Users\Lars\Desktop\UDK Editor.lnk 2015-02-09 20:25 - 2015-02-09 20:25 - 00000000 ____D () C:\UDK 2015-02-09 13:14 - 2015-02-09 13:14 - 00000257 _____ () C:\Users\Wolf\Desktop\▶ Unreal Development Kit UDK Tutorial - 59 - Matinee Interface - YouTube.URL 2015-02-08 17:32 - 2015-02-08 17:32 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2015-02-08 13:10 - 2015-02-08 13:10 - 00003723 _____ () C:\Users\Wolf\Desktop\Feiertage_Hessen_2015.ics 2015-02-08 13:06 - 2015-02-08 13:06 - 00001397 _____ () C:\Users\Wolf\Desktop\Ferien_Hessen_2015.ics 2015-02-08 13:03 - 2015-02-08 13:03 - 00014879 _____ () C:\Users\Wolf\Desktop\Feiertage_2015(1).ics 2015-02-08 12:58 - 2015-02-08 12:57 - 00002399 _____ () C:\Users\Wolf\Desktop\20150208125753.ics 2015-02-08 12:54 - 2015-02-08 12:51 - 00024793 _____ () C:\Users\Wolf\Desktop\feiertage.ics 2015-02-07 16:40 - 2015-02-07 16:40 - 00003152 _____ () C:\Windows\System32\Tasks\{2BD0681E-C618-4630-AB55-5BA99ED5217E} 2015-02-06 14:41 - 2015-02-06 14:46 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\IrfanView 2015-02-06 14:41 - 2015-02-06 14:41 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 2015-02-06 14:41 - 2015-02-06 14:41 - 00000000 ____D () C:\Program Files (x86)\IrfanView 2015-02-03 14:08 - 2015-02-04 19:43 - 12626886 _____ () C:\Users\Wolf\Desktop\MyriadPro-SemiboldIt.zip ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-05 10:14 - 2011-04-23 20:32 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001UA.job 2015-03-05 10:13 - 2014-10-19 08:35 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-05 10:13 - 2011-04-25 08:56 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\EditPlus 3 2015-03-05 10:13 - 2011-04-19 17:17 - 00000000 ____D () C:\Users\Wolf 2015-03-05 09:44 - 2011-07-19 08:55 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-05 09:44 - 2010-11-21 07:50 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2015-03-05 09:44 - 2010-11-21 07:50 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2015-03-05 09:44 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-05 09:38 - 2009-07-14 05:45 - 00027360 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-05 09:38 - 2009-07-14 05:45 - 00027360 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-05 09:35 - 2011-04-19 17:17 - 01826626 _____ () C:\Windows\WindowsUpdate.log 2015-03-05 09:33 - 2011-04-22 15:28 - 00000474 _____ () C:\Windows\BRWMARK.INI 2015-03-05 09:31 - 2011-07-19 08:55 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-05 09:30 - 2014-10-03 09:36 - 00044058 _____ () C:\Windows\setupact.log 2015-03-05 09:30 - 2013-12-24 13:10 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-03-05 09:30 - 2010-11-21 04:47 - 00541856 _____ () C:\Windows\PFRO.log 2015-03-05 09:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-05 09:29 - 2011-04-19 17:32 - 00000038 _____ () C:\dvmaccounts.ini 2015-03-05 08:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\TAPI 2015-03-05 08:39 - 2012-05-31 08:52 - 00000000 ____D () C:\Users\Wolf\AppData\Local\CRE 2015-03-05 08:28 - 2012-03-29 09:03 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-05 08:13 - 2014-06-15 07:20 - 00000000 ____D () C:\Users\Wolf\AppData\Local\Adobe 2015-03-04 21:11 - 2012-03-27 09:38 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\FileZilla 2015-03-04 15:20 - 2014-04-03 15:16 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\Adobe 2015-03-04 15:20 - 2011-04-23 08:31 - 00000000 ____D () C:\ProgramData\Adobe 2015-03-04 15:19 - 2014-07-28 13:09 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-04 15:17 - 2014-04-03 15:22 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-04 14:14 - 2011-04-23 20:32 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001Core.job 2015-03-04 13:52 - 2014-08-09 07:00 - 00000000 ___HD () C:\Users\Wolf\AppData\Local\ztJxkh1dpIS 2015-03-04 10:24 - 2013-08-05 15:52 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-03-04 10:24 - 2013-08-05 15:52 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-03-04 10:24 - 2013-08-05 15:52 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-03-04 09:17 - 2011-12-15 16:36 - 00000600 _____ () C:\Users\Wolf\AppData\Local\PUTTY.RND 2015-03-03 21:26 - 2014-03-30 14:42 - 00002000 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk 2015-03-03 21:26 - 2014-03-30 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-03-03 21:26 - 2014-03-30 14:42 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client 2015-03-03 19:10 - 2012-12-25 10:43 - 00000000 ____D () C:\Program Files (x86)\Steam 2015-03-03 18:59 - 2013-07-04 18:12 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\.minecraft 2015-03-03 14:46 - 2012-06-05 09:22 - 00000000 ____D () C:\Users\Wolf\AppData\Roaming\vlc 2015-03-02 19:26 - 2014-11-13 15:08 - 00000000 ____D () C:\Users\Lars\Documents\Assassin's Creed Unity 2015-03-02 19:24 - 2011-04-23 11:35 - 00000000 ____D () C:\Users\Lars\AppData\Local\Adobe 2015-03-01 15:47 - 2015-01-27 17:11 - 00205119 _____ () C:\Users\Lars\Documents\Praktikumsbericht.odt 2015-03-01 00:48 - 2011-05-09 08:18 - 00000000 ____D () C:\Users\Wolf\AppData\Local\Windows Live 2015-02-28 16:20 - 2014-08-02 10:58 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Spotify 2015-02-28 12:18 - 2014-08-02 10:58 - 00000000 ____D () C:\Users\Lars\AppData\Local\Spotify 2015-02-26 13:45 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2015-02-26 08:05 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\tracing 2015-02-25 10:10 - 2012-10-12 13:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-02-25 07:54 - 2011-04-23 20:30 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-02-23 15:55 - 2014-02-23 11:05 - 00000000 ____D () C:\Users\Lars\Documents\My Games 2015-02-21 21:05 - 2011-04-25 18:59 - 00077776 _____ () C:\Users\Wolf\Desktop\DesktopOK.ini 2015-02-21 11:51 - 2014-07-07 08:13 - 00000132 _____ () C:\Users\Wolf\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2015-02-20 20:19 - 2011-04-23 20:32 - 00002350 _____ () C:\Users\Wolf\Desktop\Google Chrome.lnk 2015-02-19 20:05 - 2011-04-25 18:46 - 00000000 ___RD () C:\Users\Wolf\Desktop\Tools 2015-02-19 19:53 - 2011-04-23 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark 2015-02-19 19:53 - 2011-04-23 21:32 - 00000000 ____D () C:\Program Files\CrystalDiskMark 2015-02-19 17:27 - 2011-11-29 15:45 - 00000000 ____D () C:\Windows\Minidump 2015-02-15 22:27 - 2011-11-08 13:52 - 00016764 _____ () C:\Windows\TdiInstall.log 2015-02-15 22:27 - 2011-11-08 13:52 - 00000000 ____D () C:\ProgramData\Birdstep Technology 2015-02-15 22:27 - 2011-04-19 17:24 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-15 22:22 - 2011-04-23 21:32 - 00000079 _____ () C:\Users\Wolf\AppData\Local\CrystalDiskMark30.ini 2015-02-15 22:10 - 2011-04-23 08:36 - 00000000 ___RD () C:\Users\Wolf\Desktop\Bildbearbeitung 2015-02-15 22:03 - 2014-04-03 15:31 - 00000000 ___RD () C:\Users\Wolf\Desktop\Adobe CS 6 2015-02-15 21:57 - 2011-12-09 22:46 - 00000600 _____ () C:\Users\Wolf\AppData\Roaming\winscp.rnd 2015-02-15 21:54 - 2011-04-23 09:43 - 00000000 ___RD () C:\Users\Wolf\Desktop\Hausverwaltung 2015-02-15 21:19 - 2011-04-09 12:16 - 00430592 _____ (Nenad Hrg SoftwareOK) C:\Users\Wolf\Desktop\DesktopOK_x64.exe 2015-02-14 21:41 - 2014-05-26 17:46 - 00001456 _____ () C:\Users\Wolf\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2015-02-14 20:23 - 2014-05-11 10:39 - 00000132 _____ () C:\Users\Wolf\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen 2015-02-13 12:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-02-12 12:45 - 2011-04-19 17:28 - 00000000 ____D () C:\temp 2015-02-12 07:52 - 2009-07-14 05:45 - 05040544 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 07:50 - 2014-12-12 08:33 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-12 07:50 - 2014-05-06 21:24 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-12 07:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-02-11 22:57 - 2012-05-13 10:08 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-11 22:56 - 2013-08-08 17:39 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-11 22:52 - 2011-04-22 09:12 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-11 20:20 - 2013-12-24 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-02-09 20:28 - 2014-12-14 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Development Kit 2015-02-09 20:26 - 2014-10-09 17:05 - 00019520 _____ () C:\Windows\DirectX.log 2015-02-08 17:32 - 2011-04-23 11:35 - 00000000 ____D () C:\Users\Lars\AppData\Roaming\Adobe 2015-02-06 14:39 - 2011-07-19 08:55 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-06 14:39 - 2011-07-19 08:55 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-05 22:01 - 2015-01-22 17:35 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-02-05 22:01 - 2014-11-20 10:42 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-02-05 22:01 - 2013-12-24 13:08 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-02-05 22:01 - 2013-12-24 13:08 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-02-05 22:01 - 2013-12-24 13:08 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-02-05 22:01 - 2013-12-24 13:08 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-02-05 22:01 - 2013-12-24 13:08 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-02-05 22:01 - 2013-12-24 13:08 - 00027441 _____ () C:\Windows\system32\nvinfo.pb 2015-02-05 20:07 - 2013-12-24 13:09 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-02-05 20:07 - 2013-12-24 13:09 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-02-05 20:07 - 2013-12-24 13:09 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-02-05 20:07 - 2013-12-24 13:09 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-02-05 20:07 - 2013-12-24 13:09 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-02-05 20:06 - 2013-12-24 13:09 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-02-05 13:50 - 2013-12-24 13:09 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin 2015-02-05 10:13 - 2014-10-19 08:35 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-05 10:13 - 2014-10-19 08:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-05 10:13 - 2014-10-19 08:35 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-02-04 14:09 - 2011-04-23 20:32 - 00004084 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001UA 2015-02-04 14:09 - 2011-04-23 20:32 - 00003688 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001Core 2015-02-04 08:54 - 2011-04-23 08:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2015-02-03 16:37 - 2011-04-22 10:28 - 00104064 _____ () C:\Users\Lars\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-03 14:38 - 2011-04-20 08:19 - 00104064 _____ () C:\Users\Wolf\AppData\Local\GDIPFONTCACHEV1.DAT ==================== Files in the root of some directories ======= 2015-02-02 12:06 - 2015-02-02 12:06 - 0000132 _____ () C:\Users\Wolf\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen 2014-05-11 10:39 - 2015-02-14 20:23 - 0000132 _____ () C:\Users\Wolf\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen 2014-07-07 08:13 - 2015-02-21 11:51 - 0000132 _____ () C:\Users\Wolf\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2011-04-24 13:45 - 2014-01-30 16:52 - 0000132 _____ () C:\Users\Wolf\AppData\Roaming\Adobe GIF Format CS5 Prefs 2011-12-09 22:46 - 2015-02-15 21:57 - 0000600 _____ () C:\Users\Wolf\AppData\Roaming\winscp.rnd 2014-05-26 17:46 - 2015-02-14 21:41 - 0001456 _____ () C:\Users\Wolf\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2011-04-23 21:32 - 2015-02-15 22:22 - 0000079 _____ () C:\Users\Wolf\AppData\Local\CrystalDiskMark30.ini 2011-05-09 09:49 - 2011-05-09 09:49 - 0003584 _____ () C:\Users\Wolf\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-12-15 16:36 - 2015-03-04 09:17 - 0000600 _____ () C:\Users\Wolf\AppData\Local\PUTTY.RND 2013-11-01 17:32 - 2014-05-27 20:34 - 0007609 _____ () C:\Users\Wolf\AppData\Local\Resmon.ResmonCfg 2011-09-15 07:20 - 2011-09-15 07:20 - 0000000 _____ () C:\Users\Wolf\AppData\Local\{1A0B66EC-162B-4D9D-A5EB-EC4FD18DE52C} 2012-06-22 13:16 - 2012-06-22 13:26 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt 2012-03-22 15:05 - 2012-03-22 15:05 - 0000336 _____ () C:\ProgramData\McrckyYASttRj1 2012-03-22 15:05 - 2012-03-22 15:05 - 0000264 _____ () C:\ProgramData\~McrckyYASttRj1 2012-03-22 15:05 - 2012-03-22 15:05 - 0000176 _____ () C:\ProgramData\~McrckyYASttRj1r Files to move or delete: ==================== C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe C:\Users\Wolf\FileZilla_3.5.2_win32-setup.exe Some content of TEMP: ==================== C:\Users\Drop\AppData\Local\Temp\avgnt.exe C:\Users\Lars\AppData\Local\Temp\avgnt.exe C:\Users\Test-Admin\AppData\Local\Temp\avgnt.exe C:\Users\Wolf\AppData\Local\Temp\AdobeApplicationManager.exe C:\Users\Wolf\AppData\Local\Temp\avgnt.exe C:\Users\Wolf\AppData\Local\Temp\SpOrder.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-02-23 11:28 ==================== End Of Log ============================ |
|
05.03.2015, 13:30
| #4 |
| | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Addition.txt FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Wolf at 2015-03-05 10:18:36
Running from C:\Users\Wolf\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe CS6 Design and Web Premium (HKLM-x32\...\{402F6F2E-5683-491C-977D-0CA599A07CAF}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
ALDI Bestellsoftware 4.12.2 (HKLM-x32\...\ALDI Bestellsoftware) (Version: 4.12.2 - ORWO Net)
Alternate HASH-Generator 1.001 (HKLM-x32\...\Alternate HASH-Generator_is1) (Version: - Alternate Tools)
Alternate Password DB 1.411 (HKLM-x32\...\Alternate Password DB_is1) (Version: - Alternate Tools)
Alternate Pic View 1.421 (HKLM-x32\...\Alternate Pic View_is1) (Version: - Alternate Tools)
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.644 - Avira)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Assassin’s Creed Unity (HKLM-x32\...\Steam App 289650) (Version: - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version: - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version: - Ubisoft Montreal)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
Auerswald COMlist 2.5.2 (HKLM-x32\...\{F7B74F3E-8B6C-4826-802E-B907BAAE4E4B}) (Version: 2.5.2 - Auerswald GmbH & Co.KG)
Auerswald COMset 2.7.2 (HKLM-x32\...\{B1D2A138-D53E-4D3F-B547-EA2277007746}) (Version: 2.7.2 - Auerswald GmbH & Co.KG)
Auerswald COMtools 2.3.2 (HKLM-x32\...\{CEDE5E8A-37C3-40C7-8F9C-7D0E70DA0C9E}) (Version: 2.3.2 - Auerswald GmbH & Co.KG)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
bcTester 4.9 (de) (HKLM-x32\...\{CD27A577-BD77-481D-9E07-314AE9059A77}) (Version: 4.9.0 - QS QualitySoft GmbH)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Brother MFL-Pro Suite MFC-9840CDW (HKLM-x32\...\{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Burnout(TM) Paradise The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.1.0.0 - Electronic Arts)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version: - Infinity Ward)
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version: - Infinity Ward)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon iP4300 Benutzerregistrierung (HKLM-x32\...\Canon iP4300 Benutzerregistrierung) (Version: - )
Canon iP4900 series Benutzerregistrierung (HKLM-x32\...\Canon iP4900 series Benutzerregistrierung) (Version: - )
Canon iP4900 series On-screen Manual (HKLM-x32\...\Canon iP4900 series On-screen Manual) (Version: - )
Canon iP4900 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Setup Utility 2.3 (HKLM-x32\...\Canon Setup Utility 2.3) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Canon Utilities Easy-PhotoPrint (HKLM-x32\...\Easy-PhotoPrint) (Version: - )
Canon Utilities Easy-PrintToolBox (HKLM-x32\...\Easy-PrintToolBox) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2523 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CrystalDiskMark 3.0.3b (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3b - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Democracy 3 (HKLM-x32\...\Steam App 245470) (Version: - Positech Games)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Druckstudio Geldgeschenke (HKLM-x32\...\{12640463-09D4-467A-B4C3-3F8B13A01D22}) (Version: - )
Easy GIF Animator 5.5 (HKLM-x32\...\Easy GIF Animator_is1) (Version: Easy GIF Animator 5.0 - Karlis Blumentals)
easyFly 3 (HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\{D6F241BA-6CAC-4973-B510-A3B60DF56F76}) (Version: 3.0.1.1 - IPACS)
EditPlus 3 (HKLM-x32\...\EditPlus 3) (Version: - ES-Computing)
EMET (HKLM-x32\...\{DE7A5DDF-47B3-42FF-A082-E158DEA37392}) (Version: 3.0.0 - Microsoft)
EPU-6 Engine (HKLM-x32\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.03.02 - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EXIFeditor (HKLM-x32\...\{50FC1CE8-FF32-4F3B-B654-050DD6ECD474}) (Version: 1.0.0 - kiwi.software.NET)
Express Gate Tools (HKLM-x32\...\{32394A59-A39C-4C90-A9A5-F16B0C7442E1}) (Version: 1.0.0.9 - DeviceVM)
Far Cry 4 (HKLM-x32\...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freez FLV to AVI/MPEG/WMV Converter (HKLM-x32\...\Freez FLV to AVI/MPEG/WMV Converter v1.6_is1) (Version: 1.6 - www.smallvideosoft.com)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version: - Telltale Games)
GeoGebra 4.4 (HKLM-x32\...\GeoGebra 4.4) (Version: 4.4.44.0 - International GeoGebra Institute)
GermaniX Transcoder (HKLM-x32\...\{BF29BDFC-4DF0-4C00-BE14-B326D0BA84B6}_is1) (Version: 4.2 - GermaniXSoft)
GMX SMS-Manager (HKLM-x32\...\com.unitedinternet.ums.sms-mms-manager) (Version: 3.3 - 1 und 1 Internet AG)
GMX SMS-Manager (x32 Version: 3.3 - 1 und 1 Internet AG) Hidden
GMX Upload-Manager (HKLM-x32\...\GMX Upload-Manager) (Version: 2.0.670 - 1&1 Mail & Media GmbH)
Google Chrome (HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Desktop (HKLM-x32\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Haunt 1.0 64bit (HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Haunt 1.0 64bit) (Version: - )
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version: - IO Interactive)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
jAlbum (HKLM-x32\...\{F4002488-B369-4640-B40A-0C65126BE784}) (Version: 12.5.3 - Jalbum AB)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 2 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.240 - Oracle)
JRE 1.6.1 (HKLM-x32\...\{B256C380-AC47-4681-8342-7F42E4F0F434}) (Version: 1.6.1 - Auerswald GmbH & Co.KG)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
LibreOffice 4.2 Help Pack (German) (HKLM-x32\...\{2EC623B7-3559-4058-B4AC-14DC018FC0B7}) (Version: 4.2.6.3 - The Document Foundation)
LibreOffice 4.2.6.3 (HKLM-x32\...\{14DB1822-00B5-4820-86B5-EF893CA46B53}) (Version: 4.2.6.3 - The Document Foundation)
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.186 - Logitech Inc.)
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1042 - Marvell)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell)
Mediaport (HKLM-x32\...\Mediaport) (Version: - )
Metro: Last Light Redux (HKLM-x32\...\Steam App 287390) (Version: - 4A Games)
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft OpenType Font File Properties Extension (HKLM-x32\...\{45EA11B5-874D-480E-89B9-2545505BBE3E}) (Version: 2.30.0000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.1.0 - Electronic Arts)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
MPEG4E VFW - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\MPEG4E) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NEF Codec (HKLM-x32\...\{A89768CF-CD21-44FD-A723-16D5A8557415}) (Version: 1.00.0000 - Nikon)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9 - )
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera 11.61 (HKLM-x32\...\Opera 11.61.1250) (Version: 11.61.1250 - Opera Software ASA)
Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
Paragon Festplatten Manager™ 12 Professional (HKLM-x32\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peter's XML Editor (HKLM-x32\...\{5E770B51-820C-402E-8569-E02D12C212D2}) (Version: 2.00.0000 - Peter Reynolds)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
phonostar-Player Version 3.02.6 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PuTTY version 0.62 (HKLM-x32\...\PuTTY_is1) (Version: 0.62 - Simon Tatham)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5973 - Realtek Semiconductor Corp.)
Roberts File Renamer 1.8.2 (HKLM-x32\...\RobertsFileRenamer_is1) (Version: 1.8.2 - Robert Bliem)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12054_20 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12054_20 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.3.90903 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (x32 Version: 3.0.0.90903 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 USB Driver Installer (HKLM-x32\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.5.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
Spotify (HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Long Dark (HKLM-x32\...\Steam App 305620) (Version: - Hinterland Studio Inc.)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly)
TurboV (HKLM-x32\...\{A31951C5-DCD8-4DFE-A525-CFC701F54792}) (Version: 1.03.00 - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity (HKLM-x32\...\Unity) (Version: 4.5.4f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-16447771-1256991811-2654833542-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unreal Development Kit: 2014-08 (HKLM\...\UDK-a5e9ce78-76bc-4ecb-95e7-f238051a0f3c) (Version: - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Vallen JPegger (HKLM-x32\...\{73182AC3-5CC3-4161-AE97-F23E09B13147}) (Version: V5.62 (Build: 9.1221) - Vallen Systeme GmbH)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Steam App 243470) (Version: - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinSCP 4.3.5 (HKLM-x32\...\winscp3_is1) (Version: 4.3.5 - Martin Prikryl)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-16447771-1256991811-2654833542-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Wolf\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
19-02-2015 19:54:10 LavasoftWeCompanion
19-02-2015 20:07:54 LavasoftWeCompanion
25-02-2015 21:46:45 Windows Update
04-03-2015 15:18:00 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
04-03-2015 15:18:14 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
04-03-2015 15:18:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
04-03-2015 15:19:18 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-06-17 12:37 - 00438443 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 google-analytics.com
127.0.0.1 www.google-analytics.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {14B4200A-5012-4F3C-95C1-EA20D67F4B40} - System32\Tasks\{2BD0681E-C618-4630-AB55-5BA99ED5217E} => pcalua.exe -a "D:\Eigene Dateien\Downloads\wlsetup-web(2).exe" -d "D:\Eigene Dateien\Downloads"
Task: {3A0F7365-E05D-4161-99C4-F177BC4AC0EE} - System32\Tasks\Opera scheduled Autoupdate 1423821448 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-23] (Opera Software)
Task: {3AAC76C9-04D2-4EA8-8ADF-A77052D973A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-03] (Google Inc.)
Task: {3F4CF6B6-1945-4870-A224-7FD83DA7368A} - System32\Tasks\AdobeAAMUpdater-1.0-Wolf-PC-Lars => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {4603851A-156A-4FA9-AE9E-27CBC24058D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {47521FEB-7C82-44B4-B674-6EF27A91FFDF} - System32\Tasks\{0E72EB27-0017-4C0B-848C-20236FAED281} => pcalua.exe -a "D:\Eigene Dateien\Downloads\MFC-9840CDW-inst-win7-A2.EXE" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {53A8D6BA-76AB-4CAF-B289-294320FE5F84} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6466287B-DB42-4657-A8B4-52B25B80A2E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {64E063C6-5849-47B9-AA7D-1E070545263F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-03] (Google Inc.)
Task: {72DC5A46-68C8-4AD8-8257-6DA2FD15CFBF} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files\ASUS\Six Engine\SixEngine.exe [2009-11-26] (ASUSTeK Computer Inc.)
Task: {7D1BFF9C-6CCE-4997-80F0-EE94C19504FE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {8618997D-E043-47DF-AE7F-7B481DBAE2F5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {903157E9-49A6-449C-A2B7-1BD28B2EDC84} - System32\Tasks\{925FD6F2-CB1D-45AD-9C5D-38A3A5BDC97C} => pcalua.exe -a "C:\Program Files (x86)\Canon\IJEREG\iP4300\UNINST.EXE"
Task: {997E9D8B-67FE-4CD8-902A-8CB9798C39BB} - System32\Tasks\AdobeAAMUpdater-1.0-Wolf-PC-Wolf => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {9DF24F9C-2AF9-4A8F-A410-1F243B25BBA0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001Core => C:\Users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {9FC4011C-D38F-4870-8D25-DFAB2C6AE62F} - System32\Tasks\{12921978-53E0-492B-B722-D1E352282C8D} => pcalua.exe -a "C:\Users\Wolf\AppData\Local\Mozilla Firefox\uninstall\helper.exe" -d "C:\Users\Wolf\AppData\Local\Mozilla Firefox" -c /UAC:10490 /NCRC /SetAsDefaultAppUser
Task: {A750409C-34CE-49D3-8165-AA56BF989C28} - System32\Tasks\{77496AE1-A949-45A8-8D89-E32813F461B1} => pcalua.exe -a "D:\Eigene Dateien\Downloads\Sunbird Setup 1.0 Beta 1(1).exe" -d "D:\Eigene Dateien\Downloads"
Task: {B2120535-02F0-4DE5-8AFF-C5FD4E5B2561} - System32\Tasks\{D7601978-1575-48FE-819A-F191ABD9B94B} => pcalua.exe -a "D:\Eigene Dateien\Downloads\Shockwave_Installer_Slim(1).exe" -d "D:\Eigene Dateien\Downloads"
Task: {B30A6508-1DEE-4E08-B7F0-4CDA5BA10F6B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {C6FAFD50-7507-4996-A9C3-D914900F1D17} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001UA => C:\Users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {EA54F679-281E-48E5-8B0B-626D67EEEE59} - System32\Tasks\{D9026554-620B-44BF-BF79-8EBBF604037C} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe [2014-12-03] (Adobe Systems Incorporated)
Task: {EF5CCFA2-AD57-48BF-A47F-D39C22D5BBBC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001Core.job => C:\Users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001UA.job => C:\Users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-12-24 13:09 - 2015-02-05 20:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-20 17:35 - 2014-10-09 17:06 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-04-22 15:28 - 2005-04-22 12:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2015-02-11 15:13 - 2015-02-11 15:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-02 15:43 - 2015-03-02 15:43 - 00099288 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-02-09 01:56 - 2011-02-09 01:56 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2011-04-25 08:55 - 2011-04-16 10:33 - 00060512 _____ () C:\Program Files (x86)\EditPlus 3\eppshell64.dll
2011-10-07 10:39 - 2011-10-07 10:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2014-07-02 22:54 - 2014-07-02 22:54 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-02 22:59 - 2014-07-02 22:59 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-02 22:54 - 2014-07-02 22:54 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-02 22:59 - 2014-07-02 22:59 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-08-17 14:29 - 2012-04-03 16:14 - 00041472 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2012-06-08 03:02 - 2012-06-08 03:02 - 00021432 _____ () C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
2015-02-11 15:12 - 2015-02-11 15:12 - 05739680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-28 16:31 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-28 16:31 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-28 16:31 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-28 16:31 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-28 16:31 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-04-19 17:28 - 2009-04-22 19:20 - 00179712 _____ () C:\Program Files\ASUS\Six Engine\ASUSSERVICE.DLL
2011-04-19 17:28 - 2009-08-27 18:41 - 00565248 _____ () C:\Program Files\ASUS\Six Engine\pngio.dll
2011-04-19 17:28 - 2009-08-27 18:41 - 00053248 _____ () C:\Program Files\ASUS\Six Engine\AsSpindownTimeout.dll
2015-02-19 18:07 - 2015-02-19 18:07 - 00115137 _____ () C:\Users\Wolf\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
2015-03-02 21:30 - 2015-03-02 21:30 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2011-04-22 15:28 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-12-03 19:07 - 2014-12-03 19:07 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2015-02-15 14:58 - 2015-02-15 14:58 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-02-15 14:58 - 2015-02-15 14:58 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-02-15 14:58 - 2015-02-15 14:58 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Wolf\Lokale Einstellungen:o5qgJGkVviISGsC8WdKekxV
AlternateDataStreams: C:\Users\Wolf\AppData\Local:o5qgJGkVviISGsC8WdKekxV
AlternateDataStreams: C:\Users\Wolf\AppData\Local\Anwendungsdaten:o5qgJGkVviISGsC8WdKekxV
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-16447771-1256991811-2654833542-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Google Update => "C:\Users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe" /c
==================== Accounts: =============================
Administrator (S-1-5-21-16447771-1256991811-2654833542-500 - Administrator - Disabled)
Gast (S-1-5-21-16447771-1256991811-2654833542-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-16447771-1256991811-2654833542-1002 - Limited - Enabled)
Lars (S-1-5-21-16447771-1256991811-2654833542-1003 - Limited - Enabled) => C:\Users\Lars
Wolf (S-1-5-21-16447771-1256991811-2654833542-1001 - Administrator - Enabled) => C:\Users\Wolf
==================== Faulty Device Manager Devices =============
Name: Conrad WS 777
Description: Conrad WS 777
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/05/2015 09:30:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/05/2015 08:42:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/05/2015 08:28:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (03/05/2015 08:15:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Dreamweaver.exe, Version: 12.0.3.5861, Zeitstempel: 0x50be54e4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x26ec
Startzeit der fehlerhaften Anwendung: 0xDreamweaver.exe0
Pfad der fehlerhaften Anwendung: Dreamweaver.exe1
Pfad des fehlerhaften Moduls: Dreamweaver.exe2
Berichtskennung: Dreamweaver.exe3
Error: (03/05/2015 08:04:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/04/2015 03:20:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (03/04/2015 03:10:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PDApp.exe, Version: 6.2.136.0, Zeitstempel: 0x505604c9
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x1a64
Startzeit der fehlerhaften Anwendung: 0xPDApp.exe0
Pfad der fehlerhaften Anwendung: PDApp.exe1
Pfad des fehlerhaften Moduls: PDApp.exe2
Berichtskennung: PDApp.exe3
Error: (03/04/2015 03:00:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PDApp.exe, Version: 6.2.136.0, Zeitstempel: 0x505604c9
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x2a60
Startzeit der fehlerhaften Anwendung: 0xPDApp.exe0
Pfad der fehlerhaften Anwendung: PDApp.exe1
Pfad des fehlerhaften Moduls: PDApp.exe2
Berichtskennung: PDApp.exe3
Error: (03/04/2015 01:50:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: InDesign.exe, Version: 8.1.0.420, Zeitstempel: 0x54aaae3e
Name des fehlerhaften Moduls: Public.dll, Version: 8.1.0.420, Zeitstempel: 0x54aaadca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0006d8f1
ID des fehlerhaften Prozesses: 0x2628
Startzeit der fehlerhaften Anwendung: 0xInDesign.exe0
Pfad der fehlerhaften Anwendung: InDesign.exe1
Pfad des fehlerhaften Moduls: InDesign.exe2
Berichtskennung: InDesign.exe3
Error: (03/04/2015 01:50:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Fireworks.exe, Version: 12.0.1.273, Zeitstempel: 0x518a1f57
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000212b3
ID des fehlerhaften Prozesses: 0x2528
Startzeit der fehlerhaften Anwendung: 0xFireworks.exe0
Pfad der fehlerhaften Anwendung: Fireworks.exe1
Pfad des fehlerhaften Moduls: Fireworks.exe2
Berichtskennung: Fireworks.exe3
System errors:
=============
Error: (03/05/2015 10:03:49 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (03/05/2015 10:03:44 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (03/05/2015 10:03:36 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (03/05/2015 10:03:32 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (03/05/2015 10:03:28 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (03/05/2015 09:31:48 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (03/05/2015 09:30:39 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (03/05/2015 08:43:07 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
StarOpen
Error: (03/05/2015 08:41:58 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (03/05/2015 08:40:40 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Microsoft Office Sessions:
=========================
Error: (03/05/2015 09:30:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/05/2015 08:42:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/05/2015 08:28:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\phonostar-Player\phonostar.exe
Error: (03/05/2015 08:15:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Dreamweaver.exe12.0.3.586150be54e4ntdll.dll6.1.7601.18247521ea8e7c000000500038e1926ec01d0571425c6920bC:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exeC:\Windows\SysWOW64\ntdll.dll65f489a8-c307-11e4-9971-bcaec50efa68
Error: (03/05/2015 08:04:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/04/2015 03:20:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\phonostar-Player\phonostar.exe
Error: (03/04/2015 03:10:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PDApp.exe6.2.136.0505604c9ntdll.dll6.1.7601.18247521ea8e7c000000500038e191a6401d05684e74988e4C:\Users\Wolf\AppData\Local\Adobe\OOBE\PDApp\core\PDApp.exeC:\Windows\SysWOW64\ntdll.dll2c1ef9f3-c278-11e4-9b3c-bcaec50efa68
Error: (03/04/2015 03:00:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PDApp.exe6.2.136.0505604c9ntdll.dll6.1.7601.18247521ea8e7c000000500038e192a6001d056835168f89bC:\Users\Wolf\AppData\Local\Adobe\OOBE\PDApp\core\PDApp.exeC:\Windows\SysWOW64\ntdll.dllc384e391-c276-11e4-9b3c-bcaec50efa68
Error: (03/04/2015 01:50:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: InDesign.exe8.1.0.42054aaae3ePublic.dll8.1.0.42054aaadcac00000050006d8f1262801d05679cb2b377fC:\Program Files (x86)\Adobe\Adobe InDesign CS6\InDesign.exeC:\Program Files (x86)\Adobe\Adobe InDesign CS6\Public.dll1a13ffc3-c26d-11e4-9b3c-bcaec50efa68
Error: (03/04/2015 01:50:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fireworks.exe12.0.1.273518a1f57KERNELBASE.dll6.1.7601.1840953159a86c0000005000212b3252801d05679bcf0bc49C:\Program Files (x86)\Adobe\Adobe Fireworks CS6\Fireworks.exeC:\Windows\syswow64\KERNELBASE.dllfc1ea546-c26c-11e4-9b3c-bcaec50efa68
CodeIntegrity Errors:
===================================
Date: 2013-04-20 15:45:26.795
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-20 15:45:26.711
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-20 15:45:26.627
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-20 15:45:26.543
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_f0780c78ec8773db\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-20 15:45:26.440
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-20 15:45:26.355
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-20 15:45:26.272
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-20 15:45:26.188
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_ee8c936cef65a88f\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-20 15:45:26.079
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-04-20 15:45:25.986
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\winsxs\x86_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6000.16386_none_ec55d170f27a97bb\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU 960 @ 3.20GHz
Percentage of memory in use: 28%
Total physical RAM: 12279.11 MB
Available physical RAM: 8788.72 MB
Total Pagefile: 24556.41 MB
Available Pagefile: 20663.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:708.51 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:683.67 GB) NTFS
Drive e: (Daten alter Medion-PC) (Fixed) (Total:445.76 GB) (Free:283.32 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Daten #1) (Fixed) (Total:485.75 GB) (Free:228.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 8B23CBD2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 4D96EC3E)
Partition 1: (Active) - (Size=445.8 GB) - (Type=42)
Partition 2: (Not Active) - (Size=485.8 GB) - (Type=42)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 044AD521)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Gmer.txt GMER Logfile: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-03-05 10:47:22
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk2\DR2 -> \Device\Scsi\mv91xx1Port1Path0Target0Lun0 Samsung_ rev.EXT0 931,51GB
Running: o440z2ih.exe; Driver: C:\Users\Wolf\AppData\Local\Temp\kxldqpob.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[2440] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82 00000000724e17fa 2 bytes CALL 759811a9 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2440] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88 00000000724e1860 2 bytes CALL 759811a9 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2440] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98 00000000724e1942 2 bytes JMP 76207089 C:\Windows\syswow64\WS2_32.dll
.text C:\Windows\SysWOW64\PnkBstrA.exe[2440] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109 00000000724e194d 2 bytes JMP 7620cba6 C:\Windows\syswow64\WS2_32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4320] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 0000000077b7f8ea 1 byte [C3]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\KERNEL32.dll
.text ... * 9
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[5400] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[6040] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe[5164] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[5980] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\sort.exe[5012] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[5304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\kernel32.dll
.text C:\Windows\SysWOW64\relog.exe[8116] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[7756] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075ee1401 2 bytes JMP 759ab21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075ee1419 2 bytes JMP 759ab346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075ee1431 2 bytes JMP 75a28ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000075ee144a 2 bytes CALL 759848ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000075ee14dd 2 bytes JMP 75a287a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000075ee14f5 2 bytes JMP 75a28978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000075ee150d 2 bytes JMP 75a28698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075ee1525 2 bytes JMP 75a28a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000075ee153d 2 bytes JMP 7599fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075ee1555 2 bytes JMP 759a68ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000075ee156d 2 bytes JMP 75a28f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075ee1585 2 bytes JMP 75a28ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000075ee159d 2 bytes JMP 75a2865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000075ee15b5 2 bytes JMP 7599fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000075ee15cd 2 bytes JMP 759ab2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000075ee16b2 2 bytes JMP 75a28e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe[6876] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000075ee16bd 2 bytes JMP 75a285f1 C:\Windows\syswow64\kernel32.dll
---- Threads - GMER 2.1 ----
Thread C:\Windows\SysWOW64\sort.exe [5012:5360] 000000007ef98c53
Thread C:\Windows\SysWOW64\sort.exe [5012:5532] 000000007ef98c05
Thread C:\Windows\SysWOW64\sort.exe [5012:5296] 000000007ef9a204
Thread C:\Windows\SysWOW64\sort.exe [5012:6368] 000000007ef9fa41
Thread C:\Windows\SysWOW64\sort.exe [5012:6524] 000000007efa3d76
Thread C:\Windows\SysWOW64\relog.exe [8116:7284] 000000007ef98c53
Thread C:\Windows\SysWOW64\relog.exe [8116:8176] 000000007ef98c05
Thread C:\Windows\SysWOW64\relog.exe [8116:7644] 000000007ef9a204
Thread C:\Windows\SysWOW64\relog.exe [8116:7860] 000000007ef9fa41
Thread C:\Windows\SysWOW64\relog.exe [8116:2820] 000000007efa3d76
---- Processes - GMER 2.1 ----
Process C:\ASUS.SYS\CONFIG\DVMExportService.exe (*** suspicious ***) @ C:\ASUS.SYS\CONFIG\DVMExportService.exe [2276] (DVMExport Application/DeviceVM)(2009-03- 0000000000400000
---- EOF - GMER 2.1 ----
|
|
05.03.2015, 13:33
| #5 |
| | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Avira-Log_1_AVSCAN-20150305-081017-54F26CC4.LOG Code:
ATTFilter
Antivirus Pro
Erstellungsdatum der Reportdatei: Donnerstag, 5. März 2015 08:10
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Eckehard Wolf
Seriennummer : 2216206382-PEPWE-0000001
Plattform : Windows 7 Ultimate
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : WOLF-PC
Versionsinformationen:
BUILD.DAT : 15.0.8.644 94169 Bytes 24.02.2015 09:56:00
AVSCAN.EXE : 15.0.8.644 1015032 Bytes 04.03.2015 09:24:13
AVSCANRC.DLL : 15.0.8.480 64304 Bytes 04.03.2015 09:24:13
LUKE.DLL : 15.0.8.644 60664 Bytes 04.03.2015 09:24:19
AVSCPLR.DLL : 15.0.8.538 93488 Bytes 04.03.2015 09:24:13
REPAIR.DLL : 15.0.8.644 366328 Bytes 04.03.2015 09:24:13
REPAIR.RDF : 1.0.5.84 775322 Bytes 04.03.2015 09:24:21
AVREG.DLL : 15.0.8.644 265464 Bytes 04.03.2015 09:24:13
AVLODE.DLL : 15.0.8.644 645368 Bytes 04.03.2015 09:24:12
AVLODE.RDF : 14.0.4.54 78895 Bytes 28.01.2015 15:24:28
XBV00016.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:48
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:48
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:48
XBV00056.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00057.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00058.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00059.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00060.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00061.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00062.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00063.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00064.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00065.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00066.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00067.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00068.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00069.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00070.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00071.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00072.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00073.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00074.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00075.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00076.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00077.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00078.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00079.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00080.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00081.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00082.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00083.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00084.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00085.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00086.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00087.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00088.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00089.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00090.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00091.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00092.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00093.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00094.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00095.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00096.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00097.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00098.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00099.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00100.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00101.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00102.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00103.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00104.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00105.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00106.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00107.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00108.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00109.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00110.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00111.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00112.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00113.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00114.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00115.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00116.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00117.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00118.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00119.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00120.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00121.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00122.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00123.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00124.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00125.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00126.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00127.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00128.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00129.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00130.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00131.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00132.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00133.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00134.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00135.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00136.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00137.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00138.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00139.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00140.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00141.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00142.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00143.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00144.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00145.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00146.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00147.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00148.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00149.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00150.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00151.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00152.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00153.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00154.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00155.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00156.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00157.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00158.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00159.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00160.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00161.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00162.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00163.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00164.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00165.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00166.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00167.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00168.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00169.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00170.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00171.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00172.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00173.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00174.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00175.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00176.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00177.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00178.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00179.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00180.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00181.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00182.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00183.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00184.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00185.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00186.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00187.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00188.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00189.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00190.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00191.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00192.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00193.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00194.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00195.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00196.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00197.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00198.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00199.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00200.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00201.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00202.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00203.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00204.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00205.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00206.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00207.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00208.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00209.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00210.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00211.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00212.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00213.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00214.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00215.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00216.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00217.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00218.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00219.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00220.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00221.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00222.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00223.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00224.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00225.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00226.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00227.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00228.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00229.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00230.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00231.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00232.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00233.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00234.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00235.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00236.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00237.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00238.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00239.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00240.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00241.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00242.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00243.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00244.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00245.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00246.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00247.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00248.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00249.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00250.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00251.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00252.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00253.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00254.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00255.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 16:46:17
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 09:57:44
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 14:19:59
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 15:46:43
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 14:20:51
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 10:06:19
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 13:28:12
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 11:58:11
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 12:40:47
XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 11:44:06
XBV00010.VDF : 8.11.178.32 1581056 Bytes 14.10.2014 10:48:13
XBV00011.VDF : 8.11.184.50 2178560 Bytes 11.11.2014 17:01:09
XBV00012.VDF : 8.11.190.32 1876992 Bytes 03.12.2014 15:24:29
XBV00013.VDF : 8.11.201.28 2973696 Bytes 14.01.2015 15:24:29
XBV00014.VDF : 8.11.206.252 2695680 Bytes 04.02.2015 11:46:08
XBV00015.VDF : 8.11.213.84 3175936 Bytes 03.03.2015 07:24:03
XBV00042.VDF : 8.11.213.86 2048 Bytes 03.03.2015 07:24:03
XBV00043.VDF : 8.11.213.90 2048 Bytes 03.03.2015 07:24:03
XBV00044.VDF : 8.11.213.94 24064 Bytes 03.03.2015 07:24:03
XBV00045.VDF : 8.11.213.100 23552 Bytes 04.03.2015 07:24:03
XBV00046.VDF : 8.11.213.102 10240 Bytes 04.03.2015 09:24:20
XBV00047.VDF : 8.11.213.106 7680 Bytes 04.03.2015 11:19:45
XBV00048.VDF : 8.11.213.110 2048 Bytes 04.03.2015 11:19:45
XBV00049.VDF : 8.11.213.114 12800 Bytes 04.03.2015 07:08:10
XBV00050.VDF : 8.11.213.118 2048 Bytes 04.03.2015 07:08:10
XBV00051.VDF : 8.11.213.126 35328 Bytes 04.03.2015 07:08:10
XBV00052.VDF : 8.11.213.128 24064 Bytes 04.03.2015 07:08:10
XBV00053.VDF : 8.11.213.132 10752 Bytes 04.03.2015 07:08:10
XBV00054.VDF : 8.11.213.136 14848 Bytes 04.03.2015 07:08:10
XBV00055.VDF : 8.11.213.138 2048 Bytes 04.03.2015 07:08:10
LOCAL001.VDF : 8.11.213.138 123466240 Bytes 04.03.2015 07:08:22
Engineversion : 8.3.28.30
AEVDF.DLL : 8.3.1.6 133992 Bytes 20.08.2014 13:55:22
AESCRIPT.DLL : 8.2.2.56 554920 Bytes 13.02.2015 09:17:28
AESCN.DLL : 8.3.2.2 139456 Bytes 21.07.2014 12:01:27
AESBX.DLL : 8.2.20.34 1615784 Bytes 04.03.2015 11:19:45
AERDL.DLL : 8.2.1.20 731040 Bytes 11.02.2015 15:04:24
AEPACK.DLL : 8.4.0.62 793456 Bytes 20.02.2015 16:20:25
AEOFFICE.DLL : 8.3.1.12 350120 Bytes 19.02.2015 17:11:47
AEMOBILE.DLL : 8.1.2.0 277360 Bytes 28.01.2015 15:24:28
AEHEUR.DLL : 8.1.4.1568 8182640 Bytes 04.03.2015 11:19:45
AEHELP.DLL : 8.3.1.0 278728 Bytes 28.05.2014 14:42:02
AEGEN.DLL : 8.1.7.40 456608 Bytes 28.01.2015 15:24:27
AEEXP.DLL : 8.4.2.70 255904 Bytes 06.02.2015 12:09:58
AEEMU.DLL : 8.1.3.4 399264 Bytes 07.08.2014 14:40:46
AEDROID.DLL : 8.4.3.6 850800 Bytes 28.01.2015 15:24:28
AECORE.DLL : 8.3.4.0 243624 Bytes 28.01.2015 15:24:27
AEBB.DLL : 8.1.2.0 60448 Bytes 07.08.2014 14:40:46
AVWINLL.DLL : 15.0.8.644 25904 Bytes 04.03.2015 09:24:10
AVPREF.DLL : 15.0.8.644 52016 Bytes 04.03.2015 09:24:13
AVREP.DLL : 15.0.8.644 220464 Bytes 04.03.2015 09:24:13
AVARKT.DLL : 15.0.8.644 227120 Bytes 04.03.2015 09:24:11
AVEVTLOG.DLL : 15.0.8.644 184568 Bytes 04.03.2015 09:24:11
SQLITE3.DLL : 15.0.8.644 455472 Bytes 04.03.2015 09:24:20
AVSMTP.DLL : 15.0.8.644 78128 Bytes 04.03.2015 09:24:13
NETNT.DLL : 15.0.8.644 16120 Bytes 04.03.2015 09:24:19
RCIMAGE.DLL : 15.0.8.480 4887856 Bytes 04.03.2015 09:24:10
RCTEXT.DLL : 15.0.8.614 76536 Bytes 04.03.2015 09:24:10
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_54f7ffaf\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig
Beginn des Suchlaufs: Donnerstag, 5. März 2015 08:10
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '169' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeUpdateService.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsSysCtrlService.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'GfExperienceService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'DVMExportService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDFSSvc.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDUpdSvc.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'avmailc7.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'avwebg7.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAANTMon.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDWSCSvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'sppsvc.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'WMIADAP.EXE' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'SixEngine.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '178' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvOAWrapperCache.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAAnotif.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetPoint.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'BJMYPRT.EXE' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'KHALMNPR.EXE' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'LCore.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '107' Modul(e) wurden durchsucht
Durchsuche Prozess 'phonostarTimer.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesPDLR.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'ONENOTEM.EXE' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesTrayAgent.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'EMET_notifier.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'CNSEMAIN.EXE' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'acrotray.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDTray.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'Creative Cloud.exe' - '142' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '167' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'runas.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeIPCBroker.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'splwow64.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'PrintIsolationHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'tracerpt.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'CoreSync.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'Adobe CEF Helper.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'Adobe CEF Helper.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '37' Modul(e) wurden durchsucht
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\ProgramData\Adobe\CameraRaw\CameraProfiles\specific_gravity\kirchhoffs_equations.exe'
C:\ProgramData\Adobe\CameraRaw\CameraProfiles\specific_gravity\kirchhoffs_equations.exe
[FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.128114
Beginne mit der Suche in 'C:\ProgramData\Apple\Installer Cache\Apple Mobile Device Support 6.1.0.13\delta_robot\focus.exe'
C:\ProgramData\Apple\Installer Cache\Apple Mobile Device Support 6.1.0.13\delta_robot\focus.exe
[FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.128114
Beginne mit der Suche in 'C:\Users\Wolf\AppData\Local\Temp\Transition-collect\transition-vacation.exe'
C:\Users\Wolf\AppData\Local\Temp\Transition-collect\transition-vacation.exe
[FUND] Ist das Trojanische Pferd TR/Trustezeb.118784
Beginne mit der Desinfektion:
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> wurde erfolgreich entfernt.
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> wurde erfolgreich entfernt.
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> wurde erfolgreich entfernt.
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> wurde erfolgreich entfernt.
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> wurde erfolgreich entfernt.
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnIntranet> wurde erfolgreich repariert.
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\transition-collect> wurde erfolgreich entfernt.
C:\Users\Wolf\AppData\Local\Temp\Transition-collect\transition-vacation.exe
[FUND] Ist das Trojanische Pferd TR/Trustezeb.118784
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5049ade3.qua' verschoben!
[HINWEIS] Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\transition-collect> wurde erfolgreich repariert.
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\current_sense_amplifier> wurde erfolgreich entfernt.
C:\ProgramData\Apple\Installer Cache\Apple Mobile Device Support 6.1.0.13\delta_robot\focus.exe
[FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.128114
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '48dc8241.qua' verschoben!
[HINWEIS] Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\current_sense_amplifier> wurde erfolgreich repariert.
Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\input_voltage_range> wurde erfolgreich entfernt.
C:\ProgramData\Adobe\CameraRaw\CameraProfiles\specific_gravity\kirchhoffs_equations.exe
[FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.128114
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1ab2d8d3.qua' verschoben!
[HINWEIS] Der Registrierungseintrag <HKEY_USERS\S-1-5-21-16447771-1256991811-2654833542-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\input_voltage_range> wurde erfolgreich repariert.
Ende des Suchlaufs: Donnerstag, 5. März 2015 08:14
Benötigte Zeit: 00:06 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
0 Verzeichnisse wurden überprüft
1151 Dateien wurden geprüft
3 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
3 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1148 Dateien ohne Befall
1 Archive wurden durchsucht
0 Warnungen
3 Hinweise
Die Suchergebnisse werden an den Guard übermittelt.
Code:
ATTFilter
Antivirus Pro
Erstellungsdatum der Reportdatei: Donnerstag, 5. März 2015 08:52
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Eckehard Wolf
Seriennummer : 2216206382-PEPWE-0000001
Plattform : Windows 7 Ultimate
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : WOLF-PC
Versionsinformationen:
BUILD.DAT : 15.0.8.644 94169 Bytes 24.02.2015 09:56:00
AVSCAN.EXE : 15.0.8.644 1015032 Bytes 04.03.2015 09:24:13
AVSCANRC.DLL : 15.0.8.480 64304 Bytes 04.03.2015 09:24:13
LUKE.DLL : 15.0.8.644 60664 Bytes 04.03.2015 09:24:19
AVSCPLR.DLL : 15.0.8.538 93488 Bytes 04.03.2015 09:24:13
REPAIR.DLL : 15.0.8.644 366328 Bytes 04.03.2015 09:24:13
REPAIR.RDF : 1.0.5.84 775322 Bytes 04.03.2015 09:24:21
AVREG.DLL : 15.0.8.644 265464 Bytes 04.03.2015 09:24:13
AVLODE.DLL : 15.0.8.644 645368 Bytes 04.03.2015 09:24:12
AVLODE.RDF : 14.0.4.54 78895 Bytes 28.01.2015 15:24:28
XBV00016.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:47
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:48
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:48
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:40:48
XBV00056.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00057.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00058.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00059.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00060.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00061.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00062.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00063.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00064.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00065.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00066.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00067.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00068.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00069.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00070.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00071.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00072.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00073.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00074.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00075.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00076.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00077.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00078.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00079.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00080.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00081.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00082.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00083.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00084.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00085.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00086.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00087.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00088.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00089.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00090.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00091.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00092.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00093.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:04
XBV00094.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00095.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00096.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00097.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00098.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00099.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00100.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00101.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00102.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00103.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00104.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00105.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00106.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00107.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00108.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00109.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00110.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00111.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00112.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00113.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00114.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00115.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00116.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00117.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00118.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00119.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00120.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00121.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00122.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00123.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00124.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00125.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00126.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00127.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00128.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00129.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00130.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00131.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00132.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00133.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00134.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00135.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:05
XBV00136.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00137.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00138.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00139.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00140.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00141.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00142.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00143.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00144.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00145.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00146.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00147.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00148.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00149.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00150.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00151.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00152.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00153.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00154.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00155.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00156.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00157.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00158.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00159.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00160.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00161.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00162.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00163.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00164.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00165.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00166.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00167.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00168.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00169.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00170.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00171.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00172.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00173.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00174.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00175.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00176.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00177.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:06
XBV00178.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00179.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00180.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00181.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00182.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00183.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00184.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00185.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00186.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00187.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00188.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00189.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00190.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00191.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00192.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00193.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00194.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00195.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00196.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00197.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00198.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00199.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00200.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00201.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00202.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00203.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00204.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00205.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00206.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00207.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00208.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00209.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00210.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00211.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00212.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00213.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00214.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00215.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00216.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00217.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00218.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00219.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00220.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:07
XBV00221.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00222.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00223.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00224.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00225.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00226.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00227.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00228.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00229.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00230.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00231.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00232.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00233.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00234.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00235.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00236.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00237.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00238.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00239.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00240.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00241.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00242.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00243.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00244.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00245.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00246.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00247.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00248.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00249.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00250.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00251.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00252.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00253.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00254.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00255.VDF : 8.11.213.84 2048 Bytes 03.03.2015 07:24:08
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 16:46:17
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 09:57:44
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 14:19:59
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 15:46:43
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 14:20:51
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 10:06:19
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 13:28:12
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 11:58:11
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 12:40:47
XBV00009.VDF : 8.11.172.30 2094080 Bytes 15.09.2014 11:44:06
XBV00010.VDF : 8.11.178.32 1581056 Bytes 14.10.2014 10:48:13
XBV00011.VDF : 8.11.184.50 2178560 Bytes 11.11.2014 17:01:09
XBV00012.VDF : 8.11.190.32 1876992 Bytes 03.12.2014 15:24:29
XBV00013.VDF : 8.11.201.28 2973696 Bytes 14.01.2015 15:24:29
XBV00014.VDF : 8.11.206.252 2695680 Bytes 04.02.2015 11:46:08
XBV00015.VDF : 8.11.213.84 3175936 Bytes 03.03.2015 07:24:03
XBV00042.VDF : 8.11.213.86 2048 Bytes 03.03.2015 07:24:03
XBV00043.VDF : 8.11.213.90 2048 Bytes 03.03.2015 07:24:03
XBV00044.VDF : 8.11.213.94 24064 Bytes 03.03.2015 07:24:03
XBV00045.VDF : 8.11.213.100 23552 Bytes 04.03.2015 07:24:03
XBV00046.VDF : 8.11.213.102 10240 Bytes 04.03.2015 09:24:20
XBV00047.VDF : 8.11.213.106 7680 Bytes 04.03.2015 11:19:45
XBV00048.VDF : 8.11.213.110 2048 Bytes 04.03.2015 11:19:45
XBV00049.VDF : 8.11.213.114 12800 Bytes 04.03.2015 07:08:10
XBV00050.VDF : 8.11.213.118 2048 Bytes 04.03.2015 07:08:10
XBV00051.VDF : 8.11.213.126 35328 Bytes 04.03.2015 07:08:10
XBV00052.VDF : 8.11.213.128 24064 Bytes 04.03.2015 07:08:10
XBV00053.VDF : 8.11.213.132 10752 Bytes 04.03.2015 07:08:10
XBV00054.VDF : 8.11.213.136 14848 Bytes 04.03.2015 07:08:10
XBV00055.VDF : 8.11.213.138 2048 Bytes 04.03.2015 07:08:10
LOCAL001.VDF : 8.11.213.138 123466240 Bytes 04.03.2015 07:08:22
Engineversion : 8.3.28.30
AEVDF.DLL : 8.3.1.6 133992 Bytes 20.08.2014 13:55:22
AESCRIPT.DLL : 8.2.2.56 554920 Bytes 13.02.2015 09:17:28
AESCN.DLL : 8.3.2.2 139456 Bytes 21.07.2014 12:01:27
AESBX.DLL : 8.2.20.34 1615784 Bytes 04.03.2015 11:19:45
AERDL.DLL : 8.2.1.20 731040 Bytes 11.02.2015 15:04:24
AEPACK.DLL : 8.4.0.62 793456 Bytes 20.02.2015 16:20:25
AEOFFICE.DLL : 8.3.1.12 350120 Bytes 19.02.2015 17:11:47
AEMOBILE.DLL : 8.1.2.0 277360 Bytes 28.01.2015 15:24:28
AEHEUR.DLL : 8.1.4.1568 8182640 Bytes 04.03.2015 11:19:45
AEHELP.DLL : 8.3.1.0 278728 Bytes 28.05.2014 14:42:02
AEGEN.DLL : 8.1.7.40 456608 Bytes 28.01.2015 15:24:27
AEEXP.DLL : 8.4.2.70 255904 Bytes 06.02.2015 12:09:58
AEEMU.DLL : 8.1.3.4 399264 Bytes 07.08.2014 14:40:46
AEDROID.DLL : 8.4.3.6 850800 Bytes 28.01.2015 15:24:28
AECORE.DLL : 8.3.4.0 243624 Bytes 28.01.2015 15:24:27
AEBB.DLL : 8.1.2.0 60448 Bytes 07.08.2014 14:40:46
AVWINLL.DLL : 15.0.8.644 25904 Bytes 04.03.2015 09:24:10
AVPREF.DLL : 15.0.8.644 52016 Bytes 04.03.2015 09:24:13
AVREP.DLL : 15.0.8.644 220464 Bytes 04.03.2015 09:24:13
AVARKT.DLL : 15.0.8.644 227120 Bytes 04.03.2015 09:24:11
AVEVTLOG.DLL : 15.0.8.644 184568 Bytes 04.03.2015 09:24:11
SQLITE3.DLL : 15.0.8.644 455472 Bytes 04.03.2015 09:24:20
AVSMTP.DLL : 15.0.8.644 78128 Bytes 04.03.2015 09:24:13
NETNT.DLL : 15.0.8.644 16120 Bytes 04.03.2015 09:24:19
RCIMAGE.DLL : 15.0.8.480 4887856 Bytes 04.03.2015 09:24:10
RCTEXT.DLL : 15.0.8.614 76536 Bytes 04.03.2015 09:24:10
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_54f808d7\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: Reparieren
Sekundäre Aktion......................: Quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig
Beginn des Suchlaufs: Donnerstag, 5. März 2015 08:52
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '161' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeUpdateService.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '147' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsSysCtrlService.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'GfExperienceService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamscheduler.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbamservice.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'DVMExportService.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDFSSvc.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDUpdSvc.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAANTMon.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDWSCSvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '170' Modul(e) wurden durchsucht
Durchsuche Prozess 'avmailc7.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'avwebg7.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'SixEngine.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAAnotif.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetPoint.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'BJMYPRT.EXE' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'LCore.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'KHALMNPR.EXE' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '107' Modul(e) wurden durchsucht
Durchsuche Prozess 'phonostarTimer.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesPDLR.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'ONENOTEM.EXE' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesTrayAgent.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'EMET_notifier.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'CNSEMAIN.EXE' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'acrotray.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDTray.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'Creative Cloud.exe' - '142' Modul(e) wurden durchsucht
Durchsuche Prozess 'rasautou.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'splwow64.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'rasdial.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '208' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeIPCBroker.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'CoreSync.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'iexpress.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'Adobe CEF Helper.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'Adobe CEF Helper.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '37' Modul(e) wurden durchsucht
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\Users\Wolf\AppData\Local\Temp\{00002C71-5BB3-55C5}'
C:\Users\Wolf\AppData\Local\Temp\{00002C71-5BB3-55C5}
[FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.128114
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '53ec9d76.qua' verschoben!
Ende des Suchlaufs: Donnerstag, 5. März 2015 08:52
Benötigte Zeit: 00:12 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
0 Verzeichnisse wurden überprüft
1213 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1212 Dateien ohne Befall
2 Archive wurden durchsucht
0 Warnungen
1 Hinweise
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 05.03.2015 Scan Time: 08:30:15 Logfile: Malwarebyte-Scan_2015-03-05_08uhr40.txt Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.03.05.01 Rootkit Database: v2015.02.25.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Wolf Scan Type: Threat Scan Result: Completed Objects Scanned: 538824 Time Elapsed: 8 min, 0 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 4 Trojan.Agent.ED, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\frequency_hopping, Quarantined, [6283271abdcd80b66ac34be02bd749b7], Trojan.Agent.ED, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\low_voltage_emitter, Quarantined, [ae37360bbbcf0432f43934f74fb3fa06], Trojan.Agent.ED, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vacuole, Quarantined, [d411b58c6129f14588a538f35da58977], PUP.Optional.RollAround.A, HKLM\SOFTWARE\WOW6432NODE\RollAround, Quarantined, [ca1bf64b4a40f93dd3d73a68c83b5da3], Registry Values: 2 Trojan.Agent.ED, HKU\S-1-5-21-16447771-1256991811-2654833542-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|ultra_high_frequency, C:\ProgramData\Adobe\ARM\Reader_11.0.00\4491\shadow_matter\infrared_data_association.exe, Delete-on-Reboot, [9e47251c74169b9b138ecc4213efd42c] Trojan.Agent.ED, HKU\S-1-5-21-16447771-1256991811-2654833542-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|general_packet_radio, C:\ProgramData\Apple\Installer Cache\AppleApplicationSupport 2.3.6\alpha_particle\signal_to_noise_ratio.exe, Delete-on-Reboot, [1cc91928c1c9c175455cd737ba48817f] Registry Data: 0 (No malicious items detected) Folders: 3 PUP.Optional.OpenCandy, C:\Users\Wolf\AppData\Roaming\OpenCandy, Quarantined, [38ada9984a40c670674f293c8380c838], PUP.Optional.OpenCandy, C:\Users\Wolf\AppData\Roaming\OpenCandy\1D488037214549B39668C5C8E09009BE, Quarantined, [38ada9984a40c670674f293c8380c838], PUP.Optional.OpenCandy, C:\Users\Wolf\AppData\Roaming\OpenCandy\B1BE1AF28BDF4C558DA4D5555478A940, Quarantined, [38ada9984a40c670674f293c8380c838], Files: 11 Trojan.Agent.ED, C:\ProgramData\Adobe\ARM\Reader_11.0.00\4491\shadow_matter\infrared_data_association.exe, Quarantined, [9e47251c74169b9b138ecc4213efd42c], Trojan.Agent.ED, C:\ProgramData\Apple\Installer Cache\AppleApplicationSupport 2.3.6\alpha_particle\signal_to_noise_ratio.exe, Quarantined, [1cc91928c1c9c175455cd737ba48817f], Trojan.Agent.ED, C:\Windows\AppPatch\AppPatch64\ampacity\input_cmvr_v.exe, Quarantined, [6283271abdcd80b66ac34be02bd749b7], Trojan.Agent.ED, C:\Windows\AppPatch\AppPatch64\ampacity\forward_error_correction.exe, Quarantined, [ae37360bbbcf0432f43934f74fb3fa06], Trojan.Agent.ED, C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\scalar_mathematics\comp_prop_delay.exe, Quarantined, [d411b58c6129f14588a538f35da58977], PUP.Optional.RollAround.C, C:\Users\Wolf\AppData\Roaming\OpenCandy\B1BE1AF28BDF4C558DA4D5555478A940\setup0213.exe, Quarantined, [85603c05d4b6ed49c6f097936b9739c7], PUP.Optional.Conduit.A, C:\Users\Wolf\AppData\Local\CRE\nlafpokblfobdnjhhggocaanijghemnd.crx, Quarantined, [4a9bf1501872bc7a748467437b8839c7], PUP.Optional.Conduit.A, C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nlafpokblfobdnjhhggocaanijghemnd_0.localstorage, Quarantined, [92535ce569215adce5166a4063a0f40c], PUP.Optional.Conduit.A, C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nlafpokblfobdnjhhggocaanijghemnd_0.localstorage-journal, Quarantined, [0cd9a69b593164d200fb2f7be0238a76], PUP.Optional.Claro.A, C:\Users\Wolf\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dcillohgikpecbmgioknapdpcjofaafl_0.localstorage, Quarantined, [b233b58cadddc96deb3915a8f40f8977], PUP.Optional.OpenCandy, C:\Users\Wolf\AppData\Roaming\OpenCandy\1D488037214549B39668C5C8E09009BE\WebCompanionInstaller.exe, Quarantined, [38ada9984a40c670674f293c8380c838], Physical Sectors: 0 (No malicious items detected) (end) |
|
05.03.2015, 19:01
| #6 |
| /// the machine /// TB-Ausbilder | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 |
|
05.03.2015, 22:08
| #7 |
| | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Hi schrauber, vielen Dank für die Antwort. Ich habe TDSSKiller laufen lassen. Er hat Objekte gefunden. Ich habe alles geskiped wie beschrieben. Hier ist der Logfile von TDSSKiller: Code:
ATTFilter 21:53:46.0243 0x1124 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
21:53:56.0444 0x1124 ============================================================
21:53:56.0444 0x1124 Current date / time: 2015/03/05 21:53:56.0444
21:53:56.0444 0x1124 SystemInfo:
21:53:56.0444 0x1124
21:53:56.0444 0x1124 OS Version: 6.1.7601 ServicePack: 1.0
21:53:56.0444 0x1124 Product type: Workstation
21:53:56.0444 0x1124 ComputerName: WOLF-PC
21:53:56.0444 0x1124 UserName: Wolf
21:53:56.0444 0x1124 Windows directory: C:\Windows
21:53:56.0444 0x1124 System windows directory: C:\Windows
21:53:56.0444 0x1124 Running under WOW64
21:53:56.0444 0x1124 Processor architecture: Intel x64
21:53:56.0444 0x1124 Number of processors: 8
21:53:56.0444 0x1124 Page size: 0x1000
21:53:56.0444 0x1124 Boot type: Normal boot
21:53:56.0444 0x1124 ============================================================
21:53:56.0605 0x1124 KLMD registered as C:\Windows\system32\drivers\02171147.sys
21:53:56.0686 0x1124 System UUID: {88B87F8C-D652-A2BF-1E0B-C5F3C3E5E959}
21:53:56.0992 0x1124 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
21:53:57.0001 0x1124 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:53:57.0013 0x1124 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:53:57.0025 0x1124 ============================================================
21:53:57.0025 0x1124 \Device\Harddisk2\DR2:
21:53:57.0025 0x1124 MBR partitions:
21:53:57.0025 0x1124 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:53:57.0025 0x1124 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x746D3000
21:53:57.0025 0x1124 \Device\Harddisk0\DR0:
21:53:57.0025 0x1124 MBR partitions:
21:53:57.0025 0x1124 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
21:53:57.0025 0x1124 \Device\Harddisk1\DR1:
21:53:57.0025 0x1124 MBR partitions:
21:53:57.0026 0x1124 ============================================================
21:53:57.0026 0x1124 C: <-> \Device\Harddisk2\DR2\Partition2
21:53:57.0055 0x1124 D: <-> \Device\Harddisk0\DR0\Partition1
21:53:57.0056 0x1124 ============================================================
21:53:57.0056 0x1124 Initialize success
21:53:57.0056 0x1124 ============================================================
21:56:28.0129 0x1efc ============================================================
21:56:28.0129 0x1efc Scan started
21:56:28.0129 0x1efc Mode: Manual; SigCheck; TDLFS;
21:56:28.0129 0x1efc ============================================================
21:56:28.0129 0x1efc KSN ping started
21:56:30.0787 0x1efc KSN ping finished: true
21:56:31.0663 0x1efc ================ Scan system memory ========================
21:56:31.0664 0x1efc System memory - ok
21:56:31.0664 0x1efc ================ Scan services =============================
21:56:31.0690 0x1efc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
21:56:31.0730 0x1efc 1394ohci - ok
21:56:31.0745 0x1efc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:56:31.0761 0x1efc ACPI - ok
21:56:31.0765 0x1efc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:56:31.0782 0x1efc AcpiPmi - ok
21:56:31.0787 0x1efc [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:56:31.0797 0x1efc AdobeARMservice - ok
21:56:31.0816 0x1efc [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:56:31.0829 0x1efc AdobeFlashPlayerUpdateSvc - ok
21:56:31.0846 0x1efc [ E280D3CE9196ED599ED3D6ACA651053B, 9D552A3C67D64A49BDD93BDF534949E9844F839B2F74A15F09A1586B7694C06C ] AdobeUpdateService C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
21:56:31.0866 0x1efc AdobeUpdateService - ok
21:56:31.0877 0x1efc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:56:31.0895 0x1efc adp94xx - ok
21:56:31.0903 0x1efc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:56:31.0918 0x1efc adpahci - ok
21:56:31.0924 0x1efc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:56:31.0935 0x1efc adpu320 - ok
21:56:31.0940 0x1efc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:56:31.0985 0x1efc AeLookupSvc - ok
21:56:31.0996 0x1efc [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
21:56:32.0015 0x1efc AFD - ok
21:56:32.0019 0x1efc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
21:56:32.0028 0x1efc agp440 - ok
21:56:32.0032 0x1efc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
21:56:32.0046 0x1efc ALG - ok
21:56:32.0049 0x1efc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
21:56:32.0057 0x1efc aliide - ok
21:56:32.0063 0x1efc [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:56:32.0084 0x1efc AMD External Events Utility - ok
21:56:32.0087 0x1efc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
21:56:32.0095 0x1efc amdide - ok
21:56:32.0099 0x1efc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:56:32.0108 0x1efc AmdK8 - ok
21:56:32.0342 0x1efc [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:56:32.0618 0x1efc amdkmdag - ok
21:56:32.0640 0x1efc [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:56:32.0660 0x1efc amdkmdap - ok
21:56:32.0664 0x1efc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:56:32.0674 0x1efc AmdPPM - ok
21:56:32.0678 0x1efc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:56:32.0688 0x1efc amdsata - ok
21:56:32.0694 0x1efc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:56:32.0705 0x1efc amdsbs - ok
21:56:32.0708 0x1efc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:56:32.0716 0x1efc amdxata - ok
21:56:32.0736 0x1efc [ 35CCC725A117FD966ADFDE0FDF663C60, 282A07AA3D609E6978E6BF79EF0CDF3FE6A25CFAA433F9F2DD8710F2E4ED4BAA ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
21:56:32.0758 0x1efc AntiVirMailService - ok
21:56:32.0769 0x1efc [ B5975B61C97F4E47C129CDE76AFF84D4, 0494273946B6DEACC6C6F3AF70F90467A07CB127A5CBD223D4F3450A03C259C3 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:56:32.0783 0x1efc AntiVirSchedulerService - ok
21:56:32.0792 0x1efc [ B5975B61C97F4E47C129CDE76AFF84D4, 0494273946B6DEACC6C6F3AF70F90467A07CB127A5CBD223D4F3450A03C259C3 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:56:32.0806 0x1efc AntiVirService - ok
21:56:32.0826 0x1efc [ 90E78AD249819ED06951B5B7C0C010A5, 0C387514BAA3F413040E6A0A6F0BFEF12C63AA484AFC3C238A2677BA51661C5D ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
21:56:32.0850 0x1efc AntiVirWebService - ok
21:56:32.0854 0x1efc [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
21:56:32.0901 0x1efc AppID - ok
21:56:32.0904 0x1efc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:56:32.0936 0x1efc AppIDSvc - ok
21:56:32.0939 0x1efc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
21:56:32.0954 0x1efc Appinfo - ok
21:56:32.0959 0x1efc [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:56:32.0966 0x1efc Apple Mobile Device - ok
21:56:32.0972 0x1efc [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
21:56:32.0989 0x1efc AppMgmt - ok
21:56:32.0993 0x1efc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
21:56:33.0003 0x1efc arc - ok
21:56:33.0007 0x1efc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:56:33.0017 0x1efc arcsas - ok
21:56:33.0020 0x1efc [ F6BDA026E4157DC4E321CA391E9D9BC6, D38774B8F812816DA43A0C52EEC566BBC44F57A6614BC84F1417C4227286B594 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
21:56:33.0031 0x1efc AsIO - ok
21:56:33.0042 0x1efc [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:56:33.0057 0x1efc aspnet_state - ok
21:56:33.0061 0x1efc [ 954FFBFF05B0B60EB63B52AF561436C4, 40228A2B688E827815B5A567584FCF99BF661696DB8CC8BB455393B3CEE35094 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
21:56:33.0069 0x1efc AsSysCtrlService - ok
21:56:33.0072 0x1efc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:56:33.0094 0x1efc AsyncMac - ok
21:56:33.0097 0x1efc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
21:56:33.0105 0x1efc atapi - ok
21:56:33.0110 0x1efc [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
21:56:33.0120 0x1efc AtiHDAudioService - ok
21:56:33.0134 0x1efc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:56:33.0165 0x1efc AudioEndpointBuilder - ok
21:56:33.0179 0x1efc [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:56:33.0197 0x1efc AudioSrv - ok
21:56:33.0204 0x1efc [ DC906FA273A82C48D1F2B633C8CFF2E7, AB9865FA691DA0F8C1A64140941834884EC01867DEBACAD90FC24F0E6AF654B0 ] auusb C:\Windows\system32\DRIVERS\auusb.sys
21:56:33.0215 0x1efc auusb - ok
21:56:33.0219 0x1efc [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:56:33.0229 0x1efc avgntflt - ok
21:56:33.0233 0x1efc [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:56:33.0243 0x1efc avipbb - ok
21:56:33.0246 0x1efc [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:56:33.0253 0x1efc avkmgr - ok
21:56:33.0256 0x1efc [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
21:56:33.0264 0x1efc avnetflt - ok
21:56:33.0268 0x1efc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:56:33.0293 0x1efc AxInstSV - ok
21:56:33.0303 0x1efc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:56:33.0321 0x1efc b06bdrv - ok
21:56:33.0328 0x1efc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:56:33.0342 0x1efc b57nd60a - ok
21:56:33.0347 0x1efc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
21:56:33.0364 0x1efc BDESVC - ok
21:56:33.0366 0x1efc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
21:56:33.0391 0x1efc Beep - ok
21:56:33.0401 0x1efc [ BE43A13207D6428947248AF7EE05E772, 4118288ECD13B77738070DC298A64732693EEF9679CCFA59FD523CCAACF6335B ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
21:56:33.0417 0x1efc BEService - ok
21:56:33.0432 0x1efc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
21:56:33.0461 0x1efc BFE - ok
21:56:33.0466 0x1efc [ 61CF05132598307F56547F027D6B4139, CB1794F37F5F93350C41A3A2F25E20C8A051D02F68A9B84D9429432601FBB3CD ] BioNTDrv C:\Program Files (x86)\Paragon Software\Festplatten Manager 12 Professional\program\BioNTDrv.SYS
21:56:33.0474 0x1efc BioNTDrv - ok
21:56:33.0490 0x1efc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
21:56:33.0532 0x1efc BITS - ok
21:56:33.0536 0x1efc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:56:33.0545 0x1efc blbdrive - ok
21:56:33.0556 0x1efc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:56:33.0570 0x1efc Bonjour Service - ok
21:56:33.0575 0x1efc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:56:33.0585 0x1efc bowser - ok
21:56:33.0588 0x1efc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:56:33.0598 0x1efc BrFiltLo - ok
21:56:33.0601 0x1efc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:56:33.0610 0x1efc BrFiltUp - ok
21:56:33.0615 0x1efc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
21:56:33.0633 0x1efc Browser - ok
21:56:33.0640 0x1efc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:56:33.0655 0x1efc Brserid - ok
21:56:33.0658 0x1efc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:56:33.0669 0x1efc BrSerWdm - ok
21:56:33.0672 0x1efc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:56:33.0682 0x1efc BrUsbMdm - ok
21:56:33.0684 0x1efc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:56:33.0693 0x1efc BrUsbSer - ok
21:56:33.0696 0x1efc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:56:33.0707 0x1efc BTHMODEM - ok
21:56:33.0712 0x1efc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
21:56:33.0742 0x1efc bthserv - ok
21:56:33.0746 0x1efc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:56:33.0770 0x1efc cdfs - ok
21:56:33.0775 0x1efc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:56:33.0786 0x1efc cdrom - ok
21:56:33.0790 0x1efc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
21:56:33.0818 0x1efc CertPropSvc - ok
21:56:33.0822 0x1efc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
21:56:33.0832 0x1efc circlass - ok
21:56:33.0841 0x1efc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
21:56:33.0856 0x1efc CLFS - ok
21:56:33.0861 0x1efc [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:56:33.0877 0x1efc clr_optimization_v2.0.50727_32 - ok
21:56:33.0882 0x1efc [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:56:33.0896 0x1efc clr_optimization_v2.0.50727_64 - ok
21:56:33.0904 0x1efc [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:56:33.0915 0x1efc clr_optimization_v4.0.30319_32 - ok
21:56:33.0919 0x1efc [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:56:33.0931 0x1efc clr_optimization_v4.0.30319_64 - ok
21:56:33.0934 0x1efc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:56:33.0942 0x1efc CmBatt - ok
21:56:33.0945 0x1efc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:56:33.0953 0x1efc cmdide - ok
21:56:33.0964 0x1efc [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG C:\Windows\system32\Drivers\cng.sys
21:56:33.0985 0x1efc CNG - ok
21:56:33.0988 0x1efc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:56:33.0997 0x1efc Compbatt - ok
21:56:34.0000 0x1efc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:56:34.0010 0x1efc CompositeBus - ok
21:56:34.0013 0x1efc COMSysApp - ok
21:56:34.0016 0x1efc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:56:34.0024 0x1efc crcdisk - ok
21:56:34.0031 0x1efc [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:56:34.0049 0x1efc CryptSvc - ok
21:56:34.0060 0x1efc [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
21:56:34.0079 0x1efc CSC - ok
21:56:34.0093 0x1efc [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
21:56:34.0115 0x1efc CscService - ok
21:56:34.0127 0x1efc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:56:34.0159 0x1efc DcomLaunch - ok
21:56:34.0167 0x1efc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
21:56:34.0201 0x1efc defragsvc - ok
21:56:34.0205 0x1efc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:56:34.0229 0x1efc DfsC - ok
21:56:34.0237 0x1efc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:56:34.0252 0x1efc Dhcp - ok
21:56:34.0256 0x1efc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
21:56:34.0286 0x1efc discache - ok
21:56:34.0290 0x1efc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
21:56:34.0299 0x1efc Disk - ok
21:56:34.0303 0x1efc [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
21:56:34.0332 0x1efc dmvsc - ok
21:56:34.0337 0x1efc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:56:34.0355 0x1efc Dnscache - ok
21:56:34.0362 0x1efc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
21:56:34.0395 0x1efc dot3svc - ok
21:56:34.0401 0x1efc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
21:56:34.0426 0x1efc DPS - ok
21:56:34.0428 0x1efc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:56:34.0437 0x1efc drmkaud - ok
21:56:34.0456 0x1efc [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:56:34.0483 0x1efc DXGKrnl - ok
21:56:34.0488 0x1efc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
21:56:34.0518 0x1efc EapHost - ok
21:56:34.0576 0x1efc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:56:34.0648 0x1efc ebdrv - ok
21:56:34.0654 0x1efc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\Windows\System32\lsass.exe
21:56:34.0664 0x1efc EFS - ok
21:56:34.0679 0x1efc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:56:34.0709 0x1efc ehRecvr - ok
21:56:34.0714 0x1efc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
21:56:34.0730 0x1efc ehSched - ok
21:56:34.0742 0x1efc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:56:34.0760 0x1efc elxstor - ok
21:56:34.0763 0x1efc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:56:34.0771 0x1efc ErrDev - ok
21:56:34.0783 0x1efc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
21:56:34.0813 0x1efc EventSystem - ok
21:56:34.0816 0x1efc ewusbmbb - ok
21:56:34.0819 0x1efc ew_usbenumfilter - ok
21:56:34.0825 0x1efc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
21:56:34.0855 0x1efc exfat - ok
21:56:34.0862 0x1efc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:56:34.0892 0x1efc fastfat - ok
21:56:34.0906 0x1efc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
21:56:34.0929 0x1efc Fax - ok
21:56:34.0932 0x1efc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
21:56:34.0941 0x1efc fdc - ok
21:56:34.0944 0x1efc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
21:56:34.0970 0x1efc fdPHost - ok
21:56:34.0973 0x1efc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
21:56:35.0001 0x1efc FDResPub - ok
21:56:35.0005 0x1efc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:56:35.0014 0x1efc FileInfo - ok
21:56:35.0017 0x1efc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:56:35.0041 0x1efc Filetrace - ok
21:56:35.0054 0x1efc [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:56:35.0072 0x1efc FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
21:56:37.0735 0x1efc Detect skipped due to KSN trusted
21:56:37.0735 0x1efc FLEXnet Licensing Service - ok
21:56:37.0740 0x1efc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:56:37.0756 0x1efc flpydisk - ok
21:56:37.0769 0x1efc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:56:37.0790 0x1efc FltMgr - ok
21:56:37.0812 0x1efc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
21:56:37.0862 0x1efc FontCache - ok
21:56:37.0868 0x1efc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:56:37.0883 0x1efc FontCache3.0.0.0 - ok
21:56:37.0886 0x1efc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:56:37.0897 0x1efc FsDepends - ok
21:56:37.0901 0x1efc [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
21:56:37.0912 0x1efc fssfltr - ok
21:56:37.0940 0x1efc [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:56:37.0978 0x1efc fsssvc - ok
21:56:37.0983 0x1efc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:56:37.0994 0x1efc Fs_Rec - ok
21:56:37.0997 0x1efc [ FA169871D8FADCC6539C4E8726610286, 14BF1C5225BD736C686FAC6393050BCFC5C43BC9557A78901CC98BC446A3894D ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
21:56:38.0004 0x1efc FTDIBUS - ok
21:56:38.0011 0x1efc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:56:38.0025 0x1efc fvevol - ok
21:56:38.0029 0x1efc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:56:38.0038 0x1efc gagp30kx - ok
21:56:38.0040 0x1efc [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GearAspiWDM C:\Windows\system32\drivers\GEARAspiWDM.sys
21:56:38.0047 0x1efc GearAspiWDM - ok
21:56:38.0069 0x1efc [ 4DF4ABCA09AF1530D712FA589CE3BE9F, 573C04358BBAEAEDFDC4F265627E8029295C31BB17C13B428D5694119AECEDAD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:56:38.0098 0x1efc GfExperienceService - ok
21:56:38.0103 0x1efc [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F, 6D2B301E77839FFF1C74425B37D02C3F3837CE50E856C21AE4CF7ABABB04ADDC ] GoogleDesktopManager-051210-111108 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
21:56:38.0110 0x1efc GoogleDesktopManager-051210-111108 - ok
21:56:38.0125 0x1efc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
21:56:38.0162 0x1efc gpsvc - ok
21:56:38.0167 0x1efc [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:56:38.0175 0x1efc gupdate - ok
21:56:38.0178 0x1efc [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:56:38.0185 0x1efc gupdatem - ok
21:56:38.0188 0x1efc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:56:38.0197 0x1efc hcw85cir - ok
21:56:38.0206 0x1efc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:56:38.0222 0x1efc HdAudAddService - ok
21:56:38.0227 0x1efc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:56:38.0240 0x1efc HDAudBus - ok
21:56:38.0242 0x1efc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:56:38.0251 0x1efc HidBatt - ok
21:56:38.0255 0x1efc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:56:38.0267 0x1efc HidBth - ok
21:56:38.0270 0x1efc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
21:56:38.0281 0x1efc HidIr - ok
21:56:38.0284 0x1efc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
21:56:38.0312 0x1efc hidserv - ok
21:56:38.0315 0x1efc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:56:38.0324 0x1efc HidUsb - ok
21:56:38.0328 0x1efc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:56:38.0357 0x1efc hkmsvc - ok
21:56:38.0364 0x1efc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:56:38.0385 0x1efc HomeGroupListener - ok
21:56:38.0390 0x1efc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:56:38.0407 0x1efc HomeGroupProvider - ok
21:56:38.0411 0x1efc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:56:38.0420 0x1efc HpSAMD - ok
21:56:38.0435 0x1efc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:56:38.0472 0x1efc HTTP - ok
21:56:38.0474 0x1efc huawei_enumerator - ok
21:56:38.0478 0x1efc hwdatacard - ok
21:56:38.0481 0x1efc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:56:38.0489 0x1efc hwpolicy - ok
21:56:38.0494 0x1efc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:56:38.0504 0x1efc i8042prt - ok
21:56:38.0518 0x1efc [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:56:38.0535 0x1efc IAANTMON - ok
21:56:38.0545 0x1efc [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:56:38.0557 0x1efc iaStor - ok
21:56:38.0567 0x1efc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:56:38.0582 0x1efc iaStorV - ok
21:56:38.0601 0x1efc [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:56:38.0637 0x1efc idsvc - ok
21:56:38.0640 0x1efc IEEtwCollectorService - ok
21:56:38.0643 0x1efc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:56:38.0652 0x1efc iirsp - ok
21:56:38.0669 0x1efc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
21:56:38.0701 0x1efc IKEEXT - ok
21:56:38.0740 0x1efc [ 49A81307E807C0EAAD6510589DD92A3D, 8808652FA2F190274F624111F2CA49E1394E965A2724FC29277E5F80F825D115 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:56:38.0785 0x1efc IntcAzAudAddService - ok
21:56:38.0790 0x1efc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
21:56:38.0798 0x1efc intelide - ok
21:56:38.0802 0x1efc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:56:38.0811 0x1efc intelppm - ok
21:56:38.0815 0x1efc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:56:38.0845 0x1efc IPBusEnum - ok
21:56:38.0849 0x1efc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:56:38.0872 0x1efc IpFilterDriver - ok
21:56:38.0884 0x1efc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:56:38.0904 0x1efc iphlpsvc - ok
21:56:38.0908 0x1efc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:56:38.0918 0x1efc IPMIDRV - ok
21:56:38.0923 0x1efc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:56:38.0948 0x1efc IPNAT - ok
21:56:38.0961 0x1efc [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:56:38.0979 0x1efc iPod Service - ok
21:56:38.0983 0x1efc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:56:38.0995 0x1efc IRENUM - ok
21:56:38.0998 0x1efc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:56:39.0006 0x1efc isapnp - ok
21:56:39.0013 0x1efc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:56:39.0026 0x1efc iScsiPrt - ok
21:56:39.0029 0x1efc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:56:39.0038 0x1efc kbdclass - ok
21:56:39.0041 0x1efc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:56:39.0049 0x1efc kbdhid - ok
21:56:39.0052 0x1efc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso C:\Windows\system32\lsass.exe
21:56:39.0060 0x1efc KeyIso - ok
21:56:39.0064 0x1efc [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:56:39.0074 0x1efc KSecDD - ok
21:56:39.0079 0x1efc [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:56:39.0090 0x1efc KSecPkg - ok
21:56:39.0092 0x1efc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:56:39.0115 0x1efc ksthunk - ok
21:56:39.0124 0x1efc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
21:56:39.0160 0x1efc KtmRm - ok
21:56:39.0170 0x1efc [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
21:56:39.0184 0x1efc LADF_CaptureOnly - ok
21:56:39.0189 0x1efc [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
21:56:39.0196 0x1efc LADF_RenderOnly - ok
21:56:39.0203 0x1efc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:56:39.0235 0x1efc LanmanServer - ok
21:56:39.0240 0x1efc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:56:39.0270 0x1efc LanmanWorkstation - ok
21:56:39.0279 0x1efc [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
21:56:39.0292 0x1efc LBTServ - ok
21:56:39.0297 0x1efc [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
21:56:39.0304 0x1efc LGBusEnum - ok
21:56:39.0308 0x1efc [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
21:56:39.0314 0x1efc LGSHidFilt - ok
21:56:39.0318 0x1efc [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
21:56:39.0324 0x1efc LGSUsbFilt - ok
21:56:39.0327 0x1efc [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
21:56:39.0333 0x1efc LGVirHid - ok
21:56:39.0336 0x1efc [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:56:39.0344 0x1efc LHidFilt - ok
21:56:39.0347 0x1efc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:56:39.0371 0x1efc lltdio - ok
21:56:39.0379 0x1efc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:56:39.0414 0x1efc lltdsvc - ok
21:56:39.0417 0x1efc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:56:39.0443 0x1efc lmhosts - ok
21:56:39.0447 0x1efc [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:56:39.0454 0x1efc LMouFilt - ok
21:56:39.0460 0x1efc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:56:39.0469 0x1efc LSI_FC - ok
21:56:39.0474 0x1efc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:56:39.0483 0x1efc LSI_SAS - ok
21:56:39.0487 0x1efc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:56:39.0496 0x1efc LSI_SAS2 - ok
21:56:39.0500 0x1efc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:56:39.0510 0x1efc LSI_SCSI - ok
21:56:39.0514 0x1efc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
21:56:39.0539 0x1efc luafv - ok
21:56:39.0542 0x1efc [ 29C733E1DE824670DC9315CFC9BDBCD3, 8CFC987FEB174D91E415DEC89437D31D7AA5F6B7685641372EF26790E1444610 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
21:56:39.0549 0x1efc LUsbFilt - ok
21:56:39.0551 0x1efc MBAMSwissArmy - ok
21:56:39.0556 0x1efc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:56:39.0571 0x1efc Mcx2Svc - ok
21:56:39.0579 0x1efc [ B0174BBFB541B9BED3FE552C4BF93A9E, FB7EE7E221B542054DD1EF63687BDCFF32954B8D57135A0F33B8EEE5CC0CC069 ] MDES C:\ASUS.SYS\CONFIG\DVMExportService.exe
21:56:39.0588 0x1efc MDES - detected UnsignedFile.Multi.Generic ( 1 )
21:56:42.0243 0x1efc Detect skipped due to KSN trusted
21:56:42.0243 0x1efc MDES - ok
21:56:42.0248 0x1efc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
21:56:42.0264 0x1efc megasas - ok
21:56:42.0277 0x1efc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:56:42.0300 0x1efc MegaSR - ok
21:56:42.0306 0x1efc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
21:56:42.0350 0x1efc MMCSS - ok
21:56:42.0353 0x1efc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
21:56:42.0376 0x1efc Modem - ok
21:56:42.0380 0x1efc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:56:42.0390 0x1efc monitor - ok
21:56:42.0393 0x1efc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:56:42.0402 0x1efc mouclass - ok
21:56:42.0406 0x1efc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:56:42.0415 0x1efc mouhid - ok
21:56:42.0419 0x1efc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:56:42.0428 0x1efc mountmgr - ok
21:56:42.0433 0x1efc [ 5C2B2F10C847834C6DA4E680A4093BA3, 0222EBC8789765613184F47339A1DBD118ED209B72BC5565A8A7D4FB4CCF5418 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:56:42.0443 0x1efc MozillaMaintenance - ok
21:56:42.0448 0x1efc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
21:56:42.0459 0x1efc mpio - ok
21:56:42.0462 0x1efc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:56:42.0486 0x1efc mpsdrv - ok
21:56:42.0503 0x1efc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:56:42.0548 0x1efc MpsSvc - ok
21:56:42.0554 0x1efc [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:56:42.0565 0x1efc MRxDAV - ok
21:56:42.0570 0x1efc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:56:42.0582 0x1efc mrxsmb - ok
21:56:42.0589 0x1efc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:56:42.0602 0x1efc mrxsmb10 - ok
21:56:42.0607 0x1efc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:56:42.0617 0x1efc mrxsmb20 - ok
21:56:42.0620 0x1efc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
21:56:42.0628 0x1efc msahci - ok
21:56:42.0633 0x1efc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:56:42.0643 0x1efc msdsm - ok
21:56:42.0648 0x1efc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
21:56:42.0665 0x1efc MSDTC - ok
21:56:42.0670 0x1efc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:56:42.0695 0x1efc Msfs - ok
21:56:42.0698 0x1efc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:56:42.0721 0x1efc mshidkmdf - ok
21:56:42.0723 0x1efc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:56:42.0731 0x1efc msisadrv - ok
21:56:42.0736 0x1efc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:56:42.0767 0x1efc MSiSCSI - ok
21:56:42.0770 0x1efc msiserver - ok
21:56:42.0773 0x1efc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:56:42.0795 0x1efc MSKSSRV - ok
21:56:42.0798 0x1efc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:56:42.0820 0x1efc MSPCLOCK - ok
21:56:42.0823 0x1efc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:56:42.0845 0x1efc MSPQM - ok
21:56:42.0854 0x1efc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:56:42.0873 0x1efc MsRPC - ok
21:56:42.0877 0x1efc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:56:42.0886 0x1efc mssmbios - ok
21:56:42.0888 0x1efc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:56:42.0911 0x1efc MSTEE - ok
21:56:42.0914 0x1efc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:56:42.0922 0x1efc MTConfig - ok
21:56:42.0925 0x1efc [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
21:56:42.0931 0x1efc MTsensor - ok
21:56:42.0935 0x1efc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
21:56:42.0944 0x1efc Mup - ok
21:56:42.0951 0x1efc [ 19CBAAB0B1F214AF834EDD9256F55977, 25C992B6A8E4936A07CBAE7BF247960470A5CD2276E366BFC16ABAD7E338B0AD ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
21:56:42.0962 0x1efc mv91xx - ok
21:56:42.0973 0x1efc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
21:56:43.0004 0x1efc napagent - ok
21:56:43.0013 0x1efc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:56:43.0030 0x1efc NativeWifiP - ok
21:56:43.0050 0x1efc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
21:56:43.0076 0x1efc NDIS - ok
21:56:43.0080 0x1efc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:56:43.0103 0x1efc NdisCap - ok
21:56:43.0106 0x1efc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:56:43.0129 0x1efc NdisTapi - ok
21:56:43.0133 0x1efc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:56:43.0156 0x1efc Ndisuio - ok
21:56:43.0161 0x1efc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:56:43.0186 0x1efc NdisWan - ok
21:56:43.0189 0x1efc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:56:43.0215 0x1efc NDProxy - ok
21:56:43.0218 0x1efc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:56:43.0241 0x1efc NetBIOS - ok
21:56:43.0248 0x1efc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:56:43.0275 0x1efc NetBT - ok
21:56:43.0278 0x1efc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon C:\Windows\system32\lsass.exe
21:56:43.0286 0x1efc Netlogon - ok
21:56:43.0295 0x1efc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
21:56:43.0324 0x1efc Netman - ok
21:56:43.0329 0x1efc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:56:43.0347 0x1efc NetMsmqActivator - ok
21:56:43.0352 0x1efc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:56:43.0363 0x1efc NetPipeActivator - ok
21:56:43.0373 0x1efc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
21:56:43.0405 0x1efc netprofm - ok
21:56:43.0410 0x1efc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:56:43.0421 0x1efc NetTcpActivator - ok
21:56:43.0425 0x1efc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:56:43.0436 0x1efc NetTcpPortSharing - ok
21:56:43.0440 0x1efc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:56:43.0448 0x1efc nfrd960 - ok
21:56:43.0456 0x1efc [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
21:56:43.0471 0x1efc NlaSvc - ok
21:56:43.0477 0x1efc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:56:43.0503 0x1efc Npfs - ok
21:56:43.0506 0x1efc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
21:56:43.0533 0x1efc nsi - ok
21:56:43.0536 0x1efc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:56:43.0559 0x1efc nsiproxy - ok
21:56:43.0593 0x1efc [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:56:43.0642 0x1efc Ntfs - ok
21:56:43.0646 0x1efc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
21:56:43.0670 0x1efc Null - ok
21:56:43.0674 0x1efc [ 8EBCB9165EE7F1571842F4D9D624A74C, 115F46B8391866762AD41B299F0670D8735D124BD518A53EC73DCDBFCA9C28F9 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
21:56:43.0683 0x1efc nusb3hub - ok
21:56:43.0688 0x1efc [ 5D54DBB12BBFE07CC283FD39F2CD6D63, 3DC3F9121F8892EDABD07ACDE45DB025BA2FC4245A8D3EE343F1FDF7189B391F ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
21:56:43.0698 0x1efc nusb3xhc - ok
21:56:43.0704 0x1efc [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
21:56:43.0714 0x1efc NVHDA - ok
21:56:43.0912 0x1efc [ 3B99271224C43ADAB5A7F8D4B574AE3F, 931B011EA7796C61922D892C11D880BCC0383FCECABC4F4855AF89BA20B9B01B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:56:44.0119 0x1efc nvlddmkm - ok
21:56:44.0159 0x1efc [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:56:44.0198 0x1efc NvNetworkService - ok
21:56:44.0203 0x1efc [ 30458B18AEA941B1FD3A6A076BE95A71, F3B36E52D63939A89658073E1DEFFCD050EF9B39F643771E846737915012D5FB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
21:56:44.0211 0x1efc nvpciflt - ok
21:56:44.0215 0x1efc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:56:44.0226 0x1efc nvraid - ok
21:56:44.0231 0x1efc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:56:44.0242 0x1efc nvstor - ok
21:56:44.0245 0x1efc [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:56:44.0252 0x1efc NvStreamKms - ok
21:56:44.0253 0x1efc NvStreamSvc - ok
21:56:44.0273 0x1efc [ 97ADEBE576474D4CEC53F8E06590FFC8, 2CC8587AAB595D7621AA57A33D94789BD9DC6DBFB4FA9BDEFBB425B7ACCB65AB ] nvsvc C:\Windows\system32\nvvsvc.exe
21:56:44.0298 0x1efc nvsvc - ok
21:56:44.0302 0x1efc [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
21:56:44.0309 0x1efc nvvad_WaveExtensible - ok
21:56:44.0313 0x1efc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:56:44.0324 0x1efc nv_agp - ok
21:56:44.0327 0x1efc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:56:44.0337 0x1efc ohci1394 - ok
21:56:44.0342 0x1efc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:56:44.0351 0x1efc ose - ok
21:56:44.0436 0x1efc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:56:44.0540 0x1efc osppsvc - ok
21:56:44.0553 0x1efc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:56:44.0568 0x1efc p2pimsvc - ok
21:56:44.0579 0x1efc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
21:56:44.0602 0x1efc p2psvc - ok
21:56:44.0607 0x1efc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
21:56:44.0617 0x1efc Parport - ok
21:56:44.0620 0x1efc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:56:44.0630 0x1efc partmgr - ok
21:56:44.0635 0x1efc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
21:56:44.0656 0x1efc PcaSvc - ok
21:56:44.0662 0x1efc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
21:56:44.0673 0x1efc pci - ok
21:56:44.0676 0x1efc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
21:56:44.0684 0x1efc pciide - ok
21:56:44.0690 0x1efc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:56:44.0702 0x1efc pcmcia - ok
21:56:44.0705 0x1efc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
21:56:44.0714 0x1efc pcw - ok
21:56:44.0727 0x1efc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:56:44.0762 0x1efc PEAUTH - ok
21:56:44.0788 0x1efc [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:56:44.0823 0x1efc PeerDistSvc - ok
21:56:44.0839 0x1efc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:56:44.0852 0x1efc PerfHost - ok
21:56:44.0886 0x1efc [ 1E81496AFF9D7FA2B4C4032B746DE5B9, C4FEFE1A03EBD6BBB67D22461B67F5D080A32D75A58B5A48F3FE68D306B6D8DA ] Ph3xIB64 C:\Windows\system32\DRIVERS\Ph3xIB64.sys
21:56:44.0925 0x1efc Ph3xIB64 - ok
21:56:44.0953 0x1efc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
21:56:45.0009 0x1efc pla - ok
21:56:45.0020 0x1efc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:56:45.0037 0x1efc PlugPlay - ok
21:56:45.0039 0x1efc PnkBstrA - ok
21:56:45.0042 0x1efc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:56:45.0055 0x1efc PNRPAutoReg - ok
21:56:45.0063 0x1efc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:56:45.0077 0x1efc PNRPsvc - ok
21:56:45.0088 0x1efc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:56:45.0126 0x1efc PolicyAgent - ok
21:56:45.0133 0x1efc [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
21:56:45.0159 0x1efc Power - ok
21:56:45.0164 0x1efc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:56:45.0188 0x1efc PptpMiniport - ok
21:56:45.0191 0x1efc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
21:56:45.0201 0x1efc Processor - ok
21:56:45.0207 0x1efc [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
21:56:45.0225 0x1efc ProfSvc - ok
21:56:45.0228 0x1efc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:56:45.0236 0x1efc ProtectedStorage - ok
21:56:45.0241 0x1efc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:56:45.0266 0x1efc Psched - ok
21:56:45.0270 0x1efc [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
21:56:45.0277 0x1efc PxHlpa64 - ok
21:56:45.0306 0x1efc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:56:45.0343 0x1efc ql2300 - ok
21:56:45.0349 0x1efc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:56:45.0359 0x1efc ql40xx - ok
21:56:45.0366 0x1efc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
21:56:45.0389 0x1efc QWAVE - ok
21:56:45.0392 0x1efc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:56:45.0404 0x1efc QWAVEdrv - ok
21:56:45.0407 0x1efc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:56:45.0430 0x1efc RasAcd - ok
21:56:45.0433 0x1efc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:56:45.0457 0x1efc RasAgileVpn - ok
21:56:45.0462 0x1efc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
21:56:45.0492 0x1efc RasAuto - ok
21:56:45.0497 0x1efc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:56:45.0521 0x1efc Rasl2tp - ok
21:56:45.0529 0x1efc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
21:56:45.0565 0x1efc RasMan - ok
21:56:45.0569 0x1efc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:56:45.0594 0x1efc RasPppoe - ok
21:56:45.0598 0x1efc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:56:45.0622 0x1efc RasSstp - ok
21:56:45.0630 0x1efc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:56:45.0658 0x1efc rdbss - ok
21:56:45.0661 0x1efc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:56:45.0672 0x1efc rdpbus - ok
21:56:45.0674 0x1efc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:56:45.0697 0x1efc RDPCDD - ok
21:56:45.0704 0x1efc [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:56:45.0716 0x1efc RDPDR - ok
21:56:45.0719 0x1efc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:56:45.0742 0x1efc RDPENCDD - ok
21:56:45.0745 0x1efc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:56:45.0768 0x1efc RDPREFMP - ok
21:56:45.0773 0x1efc [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:56:45.0783 0x1efc RdpVideoMiniport - ok
21:56:45.0789 0x1efc [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:56:45.0806 0x1efc RDPWD - ok
21:56:45.0812 0x1efc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:56:45.0824 0x1efc rdyboost - ok
21:56:45.0828 0x1efc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:56:45.0858 0x1efc RemoteAccess - ok
21:56:45.0863 0x1efc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:56:45.0895 0x1efc RemoteRegistry - ok
21:56:45.0899 0x1efc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:56:45.0928 0x1efc RpcEptMapper - ok
21:56:45.0930 0x1efc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
21:56:45.0942 0x1efc RpcLocator - ok
21:56:45.0953 0x1efc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
21:56:45.0984 0x1efc RpcSs - ok
21:56:45.0988 0x1efc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:56:46.0013 0x1efc rspndr - ok
21:56:46.0015 0x1efc [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:56:46.0024 0x1efc s3cap - ok
21:56:46.0027 0x1efc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe
21:56:46.0035 0x1efc SamSs - ok
21:56:46.0039 0x1efc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:56:46.0049 0x1efc sbp2port - ok
21:56:46.0055 0x1efc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:56:46.0088 0x1efc SCardSvr - ok
21:56:46.0091 0x1efc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:56:46.0114 0x1efc scfilter - ok
21:56:46.0135 0x1efc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
21:56:46.0188 0x1efc Schedule - ok
21:56:46.0193 0x1efc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:56:46.0216 0x1efc SCPolicySvc - ok
21:56:46.0222 0x1efc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:56:46.0241 0x1efc SDRSVC - ok
21:56:46.0274 0x1efc [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
21:56:46.0313 0x1efc SDScannerService - ok
21:56:46.0352 0x1efc [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:56:46.0399 0x1efc SDUpdateService - ok
21:56:46.0406 0x1efc [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:56:46.0416 0x1efc SDWSCService - ok
21:56:46.0419 0x1efc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:56:46.0445 0x1efc secdrv - ok
21:56:46.0448 0x1efc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
21:56:46.0475 0x1efc seclogon - ok
21:56:46.0478 0x1efc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
21:56:46.0503 0x1efc SENS - ok
21:56:46.0506 0x1efc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:56:46.0520 0x1efc SensrSvc - ok
21:56:46.0523 0x1efc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
21:56:46.0532 0x1efc Serenum - ok
21:56:46.0536 0x1efc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
21:56:46.0546 0x1efc Serial - ok
21:56:46.0549 0x1efc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:56:46.0557 0x1efc sermouse - ok
21:56:46.0565 0x1efc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
21:56:46.0595 0x1efc SessionEnv - ok
21:56:46.0597 0x1efc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:56:46.0608 0x1efc sffdisk - ok
21:56:46.0610 0x1efc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:56:46.0620 0x1efc sffp_mmc - ok
21:56:46.0623 0x1efc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:56:46.0633 0x1efc sffp_sd - ok
21:56:46.0635 0x1efc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:56:46.0644 0x1efc sfloppy - ok
21:56:46.0652 0x1efc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:56:46.0689 0x1efc SharedAccess - ok
21:56:46.0698 0x1efc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:56:46.0733 0x1efc ShellHWDetection - ok
21:56:46.0737 0x1efc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:56:46.0745 0x1efc SiSRaid2 - ok
21:56:46.0749 0x1efc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:56:46.0758 0x1efc SiSRaid4 - ok
21:56:46.0762 0x1efc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:56:46.0787 0x1efc Smb - ok
21:56:46.0792 0x1efc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:56:46.0803 0x1efc SNMPTRAP - ok
21:56:46.0806 0x1efc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
21:56:46.0817 0x1efc spldr - ok
21:56:46.0829 0x1efc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
21:56:46.0849 0x1efc Spooler - ok
21:56:46.0912 0x1efc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
21:56:47.0004 0x1efc sppsvc - ok
21:56:47.0010 0x1efc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:56:47.0040 0x1efc sppuinotify - ok
21:56:47.0051 0x1efc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:56:47.0068 0x1efc srv - ok
21:56:47.0078 0x1efc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:56:47.0094 0x1efc srv2 - ok
21:56:47.0100 0x1efc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:56:47.0110 0x1efc srvnet - ok
21:56:47.0116 0x1efc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:56:47.0149 0x1efc SSDPSRV - ok
21:56:47.0153 0x1efc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:56:47.0178 0x1efc SstpSvc - ok
21:56:47.0180 0x1efc StarOpen - ok
21:56:47.0197 0x1efc [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:56:47.0219 0x1efc Steam Client Service - ok
21:56:47.0229 0x1efc [ 49B1E5AF3AA400752A20BE169CB73DFA, D990BC79B289912EB07F3FD50F1236C593A45C5E9B7BD8162269687258E07CE2 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:56:47.0244 0x1efc Stereo Service - ok
21:56:47.0247 0x1efc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:56:47.0256 0x1efc stexstor - ok
21:56:47.0258 0x1efc [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:56:47.0266 0x1efc StillCam - ok
21:56:47.0279 0x1efc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
21:56:47.0309 0x1efc stisvc - ok
21:56:47.0312 0x1efc [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:56:47.0321 0x1efc storflt - ok
21:56:47.0324 0x1efc [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:56:47.0333 0x1efc storvsc - ok
21:56:47.0335 0x1efc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:56:47.0343 0x1efc swenum - ok
21:56:47.0355 0x1efc [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:56:47.0372 0x1efc SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
21:56:50.0031 0x1efc Detect skipped due to KSN trusted
21:56:50.0031 0x1efc SwitchBoard - ok
21:56:50.0043 0x1efc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
21:56:50.0084 0x1efc swprv - ok
21:56:50.0089 0x1efc [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
21:56:50.0098 0x1efc Synth3dVsc - ok
21:56:50.0130 0x1efc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
21:56:50.0185 0x1efc SysMain - ok
21:56:50.0190 0x1efc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:56:50.0209 0x1efc TabletInputService - ok
21:56:50.0217 0x1efc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
21:56:50.0251 0x1efc TapiSrv - ok
21:56:50.0255 0x1efc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
21:56:50.0279 0x1efc TBS - ok
21:56:50.0314 0x1efc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:56:50.0359 0x1efc Tcpip - ok
21:56:50.0395 0x1efc [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:56:50.0434 0x1efc TCPIP6 - ok
21:56:50.0440 0x1efc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:56:50.0449 0x1efc tcpipreg - ok
21:56:50.0453 0x1efc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:56:50.0462 0x1efc TDPIPE - ok
21:56:50.0465 0x1efc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:56:50.0473 0x1efc TDTCP - ok
21:56:50.0477 0x1efc [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:56:50.0488 0x1efc tdx - ok
21:56:50.0491 0x1efc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:56:50.0500 0x1efc TermDD - ok
21:56:50.0503 0x1efc [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt C:\Windows\system32\drivers\terminpt.sys
21:56:50.0512 0x1efc terminpt - ok
21:56:50.0527 0x1efc [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
21:56:50.0556 0x1efc TermService - ok
21:56:50.0560 0x1efc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
21:56:50.0578 0x1efc Themes - ok
21:56:50.0581 0x1efc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
21:56:50.0605 0x1efc THREADORDER - ok
21:56:50.0609 0x1efc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
21:56:50.0640 0x1efc TrkWks - ok
21:56:50.0645 0x1efc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:56:50.0671 0x1efc TrustedInstaller - ok
21:56:50.0676 0x1efc [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:56:50.0684 0x1efc tssecsrv - ok
21:56:50.0687 0x1efc [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:56:50.0697 0x1efc TsUsbFlt - ok
21:56:50.0700 0x1efc [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:56:50.0708 0x1efc TsUsbGD - ok
21:56:50.0712 0x1efc [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
21:56:50.0723 0x1efc tsusbhub - ok
21:56:50.0727 0x1efc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:56:50.0751 0x1efc tunnel - ok
21:56:50.0755 0x1efc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:56:50.0764 0x1efc uagp35 - ok
21:56:50.0772 0x1efc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:56:50.0801 0x1efc udfs - ok
21:56:50.0806 0x1efc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:56:50.0820 0x1efc UI0Detect - ok
21:56:50.0827 0x1efc [ FDB805B2749DACE784BD05125979B478, EEED5D51841C719E9E3A6D0F373418695AA56C248AAA3279F04B6C078407D610 ] uigxrdr C:\Windows\system32\DRIVERS\uigxrdr.sys
21:56:50.0837 0x1efc uigxrdr - ok
21:56:50.0841 0x1efc [ 6D5E0269F2B97011800B788ACCF2EAF6, 1F1B0B161BC85F04863FA4383FCC9A1AAAD939394D39D02F061FA7F314719233 ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
21:56:50.0849 0x1efc UimBus - ok
21:56:50.0863 0x1efc [ A30AC921D38E6F3EACFF0D0FF5510F1A, 1888455F4B42A0D183F26B8A1C68E2D6DCB2C5F47B4C6E59B0EA568971510D03 ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
21:56:50.0881 0x1efc Uim_IM - ok
21:56:50.0885 0x1efc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:56:50.0894 0x1efc uliagpkx - ok
21:56:50.0897 0x1efc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:56:50.0906 0x1efc umbus - ok
21:56:50.0909 0x1efc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
21:56:50.0917 0x1efc UmPass - ok
21:56:50.0923 0x1efc [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
21:56:50.0941 0x1efc UmRdpService - ok
21:56:50.0950 0x1efc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
21:56:50.0986 0x1efc upnphost - ok
21:56:50.0990 0x1efc [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
21:56:50.0993 0x1efc USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
21:56:53.0650 0x1efc Detect skipped due to KSN trusted
21:56:53.0651 0x1efc USBAAPL64 - ok
21:56:53.0658 0x1efc [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:56:53.0677 0x1efc usbaudio - ok
21:56:53.0684 0x1efc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:56:53.0695 0x1efc usbccgp - ok
21:56:53.0699 0x1efc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:56:53.0709 0x1efc usbcir - ok
21:56:53.0712 0x1efc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:56:53.0721 0x1efc usbehci - ok
21:56:53.0729 0x1efc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:56:53.0744 0x1efc usbhub - ok
21:56:53.0747 0x1efc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:56:53.0755 0x1efc usbohci - ok
21:56:53.0758 0x1efc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:56:53.0768 0x1efc usbprint - ok
21:56:53.0772 0x1efc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:56:53.0782 0x1efc USBSTOR - ok
21:56:53.0785 0x1efc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:56:53.0793 0x1efc usbuhci - ok
21:56:53.0796 0x1efc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
21:56:53.0824 0x1efc UxSms - ok
21:56:53.0827 0x1efc [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe
21:56:53.0835 0x1efc VaultSvc - ok
21:56:53.0838 0x1efc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:56:53.0846 0x1efc vdrvroot - ok
21:56:53.0857 0x1efc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
21:56:53.0895 0x1efc vds - ok
21:56:53.0899 0x1efc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:56:53.0909 0x1efc vga - ok
21:56:53.0911 0x1efc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:56:53.0935 0x1efc VgaSave - ok
21:56:53.0937 0x1efc VGPU - ok
21:56:53.0943 0x1efc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:56:53.0956 0x1efc vhdmp - ok
21:56:53.0959 0x1efc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
21:56:53.0967 0x1efc viaide - ok
21:56:53.0972 0x1efc [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:56:53.0984 0x1efc vmbus - ok
21:56:53.0988 0x1efc [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:56:54.0011 0x1efc VMBusHID - ok
21:56:54.0015 0x1efc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:56:54.0024 0x1efc volmgr - ok
21:56:54.0033 0x1efc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:56:54.0048 0x1efc volmgrx - ok
21:56:54.0056 0x1efc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:56:54.0069 0x1efc volsnap - ok
21:56:54.0075 0x1efc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:56:54.0086 0x1efc vsmraid - ok
21:56:54.0117 0x1efc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
21:56:54.0168 0x1efc VSS - ok
21:56:54.0172 0x1efc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:56:54.0183 0x1efc vwifibus - ok
21:56:54.0192 0x1efc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
21:56:54.0229 0x1efc W32Time - ok
21:56:54.0234 0x1efc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:56:54.0243 0x1efc WacomPen - ok
21:56:54.0247 0x1efc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:56:54.0270 0x1efc WANARP - ok
21:56:54.0274 0x1efc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:56:54.0296 0x1efc Wanarpv6 - ok
21:56:54.0320 0x1efc [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:56:54.0365 0x1efc WatAdminSvc - ok
21:56:54.0394 0x1efc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
21:56:54.0438 0x1efc wbengine - ok
21:56:54.0445 0x1efc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:56:54.0467 0x1efc WbioSrvc - ok
21:56:54.0476 0x1efc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:56:54.0501 0x1efc wcncsvc - ok
21:56:54.0504 0x1efc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:56:54.0519 0x1efc WcsPlugInService - ok
21:56:54.0522 0x1efc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
21:56:54.0530 0x1efc Wd - ok
21:56:54.0546 0x1efc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:56:54.0570 0x1efc Wdf01000 - ok
21:56:54.0575 0x1efc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:56:54.0590 0x1efc WdiServiceHost - ok
21:56:54.0593 0x1efc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:56:54.0603 0x1efc WdiSystemHost - ok
21:56:54.0609 0x1efc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
21:56:54.0629 0x1efc WebClient - ok
21:56:54.0635 0x1efc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:56:54.0670 0x1efc Wecsvc - ok
21:56:54.0674 0x1efc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:56:54.0704 0x1efc wercplsupport - ok
21:56:54.0707 0x1efc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
21:56:54.0737 0x1efc WerSvc - ok
21:56:54.0740 0x1efc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:56:54.0763 0x1efc WfpLwf - ok
21:56:54.0766 0x1efc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:56:54.0774 0x1efc WIMMount - ok
21:56:54.0776 0x1efc WinDefend - ok
21:56:54.0780 0x1efc WinHttpAutoProxySvc - ok
21:56:54.0789 0x1efc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:56:54.0823 0x1efc Winmgmt - ok
21:56:54.0860 0x1efc [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
21:56:54.0916 0x1efc WinRM - ok
21:56:54.0923 0x1efc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:56:54.0934 0x1efc WinUsb - ok
21:56:54.0952 0x1efc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:56:54.0981 0x1efc Wlansvc - ok
21:56:55.0023 0x1efc [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:56:55.0075 0x1efc wlidsvc - ok
21:56:55.0079 0x1efc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:56:55.0088 0x1efc WmiAcpi - ok
21:56:55.0095 0x1efc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:56:55.0112 0x1efc wmiApSrv - ok
21:56:55.0114 0x1efc WMPNetworkSvc - ok
21:56:55.0118 0x1efc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:56:55.0130 0x1efc WPCSvc - ok
21:56:55.0135 0x1efc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:56:55.0153 0x1efc WPDBusEnum - ok
21:56:55.0156 0x1efc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:56:55.0179 0x1efc ws2ifsl - ok
21:56:55.0183 0x1efc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
21:56:55.0201 0x1efc wscsvc - ok
21:56:55.0203 0x1efc WSearch - ok
21:56:55.0249 0x1efc [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
21:56:55.0307 0x1efc wuauserv - ok
21:56:55.0313 0x1efc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:56:55.0323 0x1efc WudfPf - ok
21:56:55.0329 0x1efc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:56:55.0340 0x1efc WUDFRd - ok
21:56:55.0344 0x1efc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:56:55.0358 0x1efc wudfsvc - ok
21:56:55.0365 0x1efc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
21:56:55.0384 0x1efc WwanSvc - ok
21:56:55.0395 0x1efc [ 79D9CE9614C955DD31AA2556B4014662, 2692681268A5DEE2E07B0F848D76B330CD3AB065451EC9E35653066015EEF135 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
21:56:55.0413 0x1efc yukonw7 - ok
21:56:55.0416 0x1efc ================ Scan global ===============================
21:56:55.0419 0x1efc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:56:55.0430 0x1efc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:56:55.0444 0x1efc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:56:55.0450 0x1efc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:56:55.0462 0x1efc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:56:55.0468 0x1efc [ Global ] - ok
21:56:55.0468 0x1efc ================ Scan MBR ==================================
21:56:55.0470 0x1efc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
21:56:55.0492 0x1efc \Device\Harddisk2\DR2 - ok
21:56:55.0493 0x1efc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:56:55.0538 0x1efc \Device\Harddisk0\DR0 - ok
21:56:55.0539 0x1efc [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk1\DR1
21:56:55.0924 0x1efc \Device\Harddisk1\DR1 - ok
21:56:55.0925 0x1efc ================ Scan VBR ==================================
21:56:55.0926 0x1efc [ ABD464FAFBF7D99B6C6A15E367BA532C ] \Device\Harddisk2\DR2\Partition1
21:56:55.0927 0x1efc \Device\Harddisk2\DR2\Partition1 - ok
21:56:55.0929 0x1efc [ B9F11A2F54486BE6543DDA2D9DF7C44D ] \Device\Harddisk2\DR2\Partition2
21:56:55.0930 0x1efc \Device\Harddisk2\DR2\Partition2 - ok
21:56:55.0932 0x1efc [ 1AC7E4D1253A1C4F2AF881A09EE6A846 ] \Device\Harddisk0\DR0\Partition1
21:56:55.0978 0x1efc \Device\Harddisk0\DR0\Partition1 - ok
21:56:55.0978 0x1efc ================ Scan generic autorun ======================
21:56:55.0982 0x1efc [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
21:56:55.0999 0x1efc ShadowPlay - ok
21:56:56.0150 0x1efc [ E32AC519D0DE92F91F1AD842936CE0BC, 10CF2A3C9EE21BFD79894BFBA15B77BA1BE6D6457D98B782793DC7D26F743D05 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:56:56.0316 0x1efc RtHDVCpl - ok
21:56:56.0368 0x1efc [ 1F441326CD77B3F1532D487004B180FF, FD2FE6EECE1EF99F800DAF7B0C825C94FACE4C6D5806A2335B4D3C41F1E87F7F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:56:56.0424 0x1efc NvBackend - ok
21:56:56.0432 0x1efc [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
21:56:56.0441 0x1efc IAAnotif - ok
21:56:56.0474 0x1efc [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
21:56:56.0514 0x1efc EvtMgr6 - ok
21:56:56.0525 0x1efc [ 60B7037D9AAADC4E8C809BC71A39F943, 997291AA8CBE9E405F54F08CBC02EDCA66619078514EAA9A89E0AA4F876BE77A ] C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
21:56:56.0538 0x1efc Easy-PrintToolBox - ok
21:56:56.0588 0x1efc [ 5858DE874168C5F0AEA7A353DD520D48, DB77AF431227AEBD92C6E40AC723435E83DCF4620B7366D4FA6D9ACB500AA6EA ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
21:56:56.0646 0x1efc CanonMyPrinter - ok
21:56:56.0660 0x1efc [ 647A1E2E56F99405D12867F6F8924B3D, 88EAF333EDC47D4A3F02D63688BDDB13F3A5ACD850719A2E8E16C3BAAD6B6191 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
21:56:56.0677 0x1efc AdobeAAMUpdater-1.0 - ok
21:56:56.0874 0x1efc [ 568AF5AB79BC0CA3FDDD49C03363F605, A9D74EB4B4B063B509CCDECA4E9E988A969E635A608CBFA51B9147719CBF3DE1 ] C:\Program Files\Logitech Gaming Software\LCore.exe
21:56:57.0081 0x1efc Launch LCore - ok
21:56:57.0106 0x1efc [ 182B036928F4C7111A1B7EF4CEE1B40C, 3FA7D5047DE519C1CD40394A51AB715F09A7F914519C81DB28888A21250BC3D4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
21:56:57.0125 0x1efc avgnt - ok
21:56:57.0141 0x1efc [ 4CB7CEE3F7540B0BEDBD158D75F06509, 73348467A976AF06928B402E12A622BB1B5BD8BB2AC6446117E1FD1EEAFED217 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
21:56:57.0162 0x1efc StartCCC - ok
21:56:57.0224 0x1efc [ FEE45AD0B1EBF2C2D295B59BA593F6CD, 7A9B9410E31598F0320104A8874C76EE90E579D4F1719FDF6B11829AA03E5445 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
21:56:57.0295 0x1efc KiesTrayAgent - ok
21:56:57.0302 0x1efc [ A915E9E86853E86AAF0216675556B890, D0579457A225BFEE2740D3AE8C77AD853BD571D20203DF331EBBCF05214DCDDF ] C:\Program Files (x86)\EMET\EMET_notifier.exe
21:56:57.0313 0x1efc EMET Notifier - ok
21:56:57.0342 0x1efc [ 00AB2B491C7037BB219BEB26FAD34C72, 95EDBBE07EB85EEE1376252AA975BAA61235C80FC03036357BD4786E5D6B9703 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
21:56:57.0379 0x1efc CanonSolutionMenuEx - ok
21:56:57.0383 0x1efc [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
21:56:57.0390 0x1efc APSDaemon - ok
21:56:57.0401 0x1efc [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
21:56:57.0415 0x1efc SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
21:56:57.0415 0x1efc Detect skipped due to KSN trusted
21:56:57.0415 0x1efc SwitchBoard - ok
21:56:57.0435 0x1efc [ 3EE19173AC7BB16AD239B195D97C13B0, A9E5FC90F20DC7500A186C9D184ED55BC04038FFC6D97714E64C660EAE808A98 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
21:56:57.0462 0x1efc AdobeCS6ServiceManager - ok
21:56:57.0490 0x1efc [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
21:56:57.0526 0x1efc Sidebar - ok
21:56:57.0530 0x1efc [ 16D510C28673BF1565D096D41234773C, 72BC509E8D9B444B37F10A266DF8E05471FC0006F34367EEF24203419EE9585C ] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
21:56:57.0533 0x1efc phonostar-PlayerTimer - detected UnsignedFile.Multi.Generic ( 1 )
21:57:00.0190 0x1efc Detect skipped due to KSN trusted
21:57:00.0190 0x1efc phonostar-PlayerTimer - ok
21:57:00.0193 0x1efc [ 984F6749E0741C3F22D86C91B46177BE, E967A8C4305444D23B6CE423D75065197AF03388879F16251101E1D7380CD927 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
21:57:00.0203 0x1efc KiesPDLR - ok
21:57:00.0210 0x1efc [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe
21:57:00.0223 0x1efc Google Update - ok
21:57:00.0226 0x1efc Web Companion - ok
21:57:00.0233 0x1efc [ C11C16EEDB673972980A9E8B544E43C7, 23CCE12320F2A54A4982F21CAC425EF1B34DE5CE3A8702A9193040735A452381 ] C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe
21:57:00.0233 0x1efc Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe. md5: C11C16EEDB673972980A9E8B544E43C7, sha256: 23CCE12320F2A54A4982F21CAC425EF1B34DE5CE3A8702A9193040735A452381
21:57:00.0236 0x1efc xlnsxpuw - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
21:57:03.0043 0x1efc xlnsxpuw ( Trojan-Spy.Win32.ZBot.gen ) - infected
21:57:03.0043 0x1efc Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe
21:57:05.0805 0x1efc Object send P2P result: true
21:57:08.0537 0x1efc [ FBECD699FC49E72AEE1424338459AED9, B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251 ] C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
21:57:08.0538 0x1efc Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe. md5: FBECD699FC49E72AEE1424338459AED9, sha256: B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251
21:57:08.0538 0x1efc pipe-according - detected LockedFile.Multi.Generic ( 1 )
21:57:11.0197 0x1efc Detect turned to UDS exact due to KSN untrusted
21:57:11.0197 0x1efc pipe-according ( UDS:DangerousObject.Multi.Generic ) - infected
21:57:11.0197 0x1efc Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
21:57:13.0948 0x1efc Object send P2P result: true
21:57:16.0607 0x1efc [ 4A0747D756860E0EC80D2EBE0F34CBD4, 0A2BCF1F595C9607DAB09510660106B19D125DE9502B57E99DDCFF6C67A2F632 ] C:\Users\Wolf\AppData\Roaming\Transitionreduce\transition_feel.exe
21:57:16.0607 0x1efc Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Roaming\Transitionreduce\transition_feel.exe. md5: 4A0747D756860E0EC80D2EBE0F34CBD4, sha256: 0A2BCF1F595C9607DAB09510660106B19D125DE9502B57E99DDCFF6C67A2F632
21:57:16.0608 0x1efc transition-collect - detected LockedFile.Multi.Generic ( 1 )
21:57:19.0284 0x1efc transition-collect ( LockedFile.Multi.Generic ) - warning
21:57:19.0284 0x1efc Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Roaming\Transitionreduce\transition_feel.exe
21:57:22.0041 0x1efc Object send P2P result: true
21:57:24.0706 0x1efc [ FBECD699FC49E72AEE1424338459AED9, B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251 ] C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
21:57:24.0706 0x1efc Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe. md5: FBECD699FC49E72AEE1424338459AED9, sha256: B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251
21:57:24.0707 0x1efc pipe-according - detected LockedFile.Multi.Generic ( 1 )
21:57:24.0707 0x1efc Detect turned to UDS exact due to KSN untrusted
21:57:24.0707 0x1efc pipe-according ( UDS:DangerousObject.Multi.Generic ) - infected
21:57:24.0707 0x1efc Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
21:57:27.0441 0x1efc Object send P2P result: true
21:57:30.0106 0x1efc [ 4A0747D756860E0EC80D2EBE0F34CBD4, 0A2BCF1F595C9607DAB09510660106B19D125DE9502B57E99DDCFF6C67A2F632 ] C:\Users\Wolf\AppData\Roaming\Transitionreduce\transition_feel.exe
21:57:30.0106 0x1efc Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Roaming\Transitionreduce\transition_feel.exe. md5: 4A0747D756860E0EC80D2EBE0F34CBD4, sha256: 0A2BCF1F595C9607DAB09510660106B19D125DE9502B57E99DDCFF6C67A2F632
21:57:30.0106 0x1efc transition-collect - detected LockedFile.Multi.Generic ( 1 )
21:57:30.0106 0x1efc transition-collect ( LockedFile.Multi.Generic ) - warning
21:57:32.0805 0x1efc [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
21:57:32.0837 0x1efc Sidebar - ok
21:57:32.0839 0x1efc swg - ok
21:57:32.0848 0x1efc AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.644 ), 0x40000 ( disabled : updated )
21:57:32.0858 0x1efc Win FW state via NFP2: enabled
21:57:35.0510 0x1efc ============================================================
21:57:35.0510 0x1efc Scan finished
21:57:35.0510 0x1efc ============================================================
21:57:35.0521 0x1ad0 Detected object count: 5
21:57:35.0521 0x1ad0 Actual detected object count: 5
22:00:52.0249 0x1ad0 xlnsxpuw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
22:00:52.0249 0x1ad0 xlnsxpuw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
22:00:52.0249 0x1ad0 pipe-according ( UDS:DangerousObject.Multi.Generic ) - skipped by user
22:00:52.0249 0x1ad0 pipe-according ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
22:00:52.0251 0x1ad0 transition-collect ( LockedFile.Multi.Generic ) - skipped by user
22:00:52.0251 0x1ad0 transition-collect ( LockedFile.Multi.Generic ) - User select action: Skip
22:00:52.0253 0x1ad0 pipe-according ( UDS:DangerousObject.Multi.Generic ) - skipped by user
22:00:52.0253 0x1ad0 pipe-according ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
22:00:52.0255 0x1ad0 transition-collect ( LockedFile.Multi.Generic ) - skipped by user
22:00:52.0255 0x1ad0 transition-collect ( LockedFile.Multi.Generic ) - User select action: Skip
ewo |
|
06.03.2015, 12:00
| #8 |
| /// the machine /// TB-Ausbilder | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Starte TDSSkiller.exe mit Doppelklick. Vista und Win7 User mit Rechtsklick "als Administrator starten"
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt Poste den Inhalt bitte hier in deinen Thread.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.03.2015, 12:44
| #9 |
| | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Hi schrauber, danke für die Antwort. Ich habe aber noch ein Rückfrage. Sorry dafür, aber man macht diese Sachen zum Glück nicht so häufig und ich möchte natürlich unnützige Fehler vermeiden: Ich habe, wie in der weiter oben erwähnten Anleitung zu TDSSKiller beschrieben, TDSSKiller als Admin gestartet und unter change parameters bei allen Additional Option ein Häkchen gemacht. Er hat 3 Objekte gefunden, die nicht mit "Cure" sondern in diesem Fall mit "Delete" hätte fixen können. Ich habe dieses mal nochmals mit Skip abgerochen. Darum meine Frage: Soll die Additional Options alle aktivieren und falls nach dem Scan nicht "cure" sondern "delete" angeboten wird entsprechend mit "delete" fortfahren. Danke im voraus. Anbei er Lofile nach dem Fortfahren mit "Skip": Code:
ATTFilter 12:17:57.0759 0x0284 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:18:04.0183 0x0284 ============================================================
12:18:04.0183 0x0284 Current date / time: 2015/03/06 12:18:04.0183
12:18:04.0183 0x0284 SystemInfo:
12:18:04.0183 0x0284
12:18:04.0183 0x0284 OS Version: 6.1.7601 ServicePack: 1.0
12:18:04.0183 0x0284 Product type: Workstation
12:18:04.0183 0x0284 ComputerName: WOLF-PC
12:18:04.0183 0x0284 UserName: Wolf
12:18:04.0183 0x0284 Windows directory: C:\Windows
12:18:04.0183 0x0284 System windows directory: C:\Windows
12:18:04.0183 0x0284 Running under WOW64
12:18:04.0183 0x0284 Processor architecture: Intel x64
12:18:04.0183 0x0284 Number of processors: 8
12:18:04.0183 0x0284 Page size: 0x1000
12:18:04.0183 0x0284 Boot type: Normal boot
12:18:04.0183 0x0284 ============================================================
12:18:04.0480 0x0284 KLMD registered as C:\Windows\system32\drivers\75735359.sys
12:18:04.0566 0x0284 System UUID: {88B87F8C-D652-A2BF-1E0B-C5F3C3E5E959}
12:18:04.0877 0x0284 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
12:18:04.0884 0x0284 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:18:04.0884 0x0284 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:18:04.0896 0x0284 ============================================================
12:18:04.0896 0x0284 \Device\Harddisk2\DR2:
12:18:04.0896 0x0284 MBR partitions:
12:18:04.0896 0x0284 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:18:04.0896 0x0284 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x746D3000
12:18:04.0896 0x0284 \Device\Harddisk0\DR0:
12:18:04.0896 0x0284 MBR partitions:
12:18:04.0896 0x0284 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
12:18:04.0896 0x0284 \Device\Harddisk1\DR1:
12:18:04.0896 0x0284 MBR partitions:
12:18:04.0896 0x0284 ============================================================
12:18:04.0897 0x0284 C: <-> \Device\Harddisk2\DR2\Partition2
12:18:04.0917 0x0284 D: <-> \Device\Harddisk0\DR0\Partition1
12:18:04.0917 0x0284 ============================================================
12:18:04.0917 0x0284 Initialize success
12:18:04.0917 0x0284 ============================================================
12:19:37.0121 0x1050 ============================================================
12:19:37.0121 0x1050 Scan started
12:19:37.0121 0x1050 Mode: Manual; SigCheck; TDLFS;
12:19:37.0121 0x1050 ============================================================
12:19:37.0121 0x1050 KSN ping started
12:19:39.0769 0x1050 KSN ping finished: true
12:19:39.0958 0x1050 ================ Scan system memory ========================
12:19:39.0958 0x1050 System memory - ok
12:19:39.0959 0x1050 ================ Scan services =============================
12:19:39.0985 0x1050 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
12:19:40.0026 0x1050 1394ohci - ok
12:19:40.0039 0x1050 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:19:40.0059 0x1050 ACPI - ok
12:19:40.0062 0x1050 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:19:40.0080 0x1050 AcpiPmi - ok
12:19:40.0085 0x1050 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:19:40.0099 0x1050 AdobeARMservice - ok
12:19:40.0117 0x1050 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:19:40.0137 0x1050 AdobeFlashPlayerUpdateSvc - ok
12:19:40.0153 0x1050 [ E280D3CE9196ED599ED3D6ACA651053B, 9D552A3C67D64A49BDD93BDF534949E9844F839B2F74A15F09A1586B7694C06C ] AdobeUpdateService C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
12:19:40.0178 0x1050 AdobeUpdateService - ok
12:19:40.0190 0x1050 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:19:40.0213 0x1050 adp94xx - ok
12:19:40.0221 0x1050 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:19:40.0240 0x1050 adpahci - ok
12:19:40.0245 0x1050 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:19:40.0261 0x1050 adpu320 - ok
12:19:40.0265 0x1050 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:19:40.0309 0x1050 AeLookupSvc - ok
12:19:40.0320 0x1050 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:19:40.0346 0x1050 AFD - ok
12:19:40.0350 0x1050 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:19:40.0362 0x1050 agp440 - ok
12:19:40.0366 0x1050 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:19:40.0380 0x1050 ALG - ok
12:19:40.0383 0x1050 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:19:40.0393 0x1050 aliide - ok
12:19:40.0400 0x1050 [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:19:40.0426 0x1050 AMD External Events Utility - ok
12:19:40.0429 0x1050 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:19:40.0439 0x1050 amdide - ok
12:19:40.0443 0x1050 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:19:40.0456 0x1050 AmdK8 - ok
12:19:40.0685 0x1050 [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:19:40.0914 0x1050 amdkmdag - ok
12:19:40.0934 0x1050 [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:19:40.0960 0x1050 amdkmdap - ok
12:19:40.0964 0x1050 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:19:40.0977 0x1050 AmdPPM - ok
12:19:40.0981 0x1050 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:19:40.0995 0x1050 amdsata - ok
12:19:41.0001 0x1050 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:19:41.0017 0x1050 amdsbs - ok
12:19:41.0020 0x1050 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:19:41.0030 0x1050 amdxata - ok
12:19:41.0050 0x1050 [ 35CCC725A117FD966ADFDE0FDF663C60, 282A07AA3D609E6978E6BF79EF0CDF3FE6A25CFAA433F9F2DD8710F2E4ED4BAA ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
12:19:41.0070 0x1050 AntiVirMailService - ok
12:19:41.0080 0x1050 [ B5975B61C97F4E47C129CDE76AFF84D4, 0494273946B6DEACC6C6F3AF70F90467A07CB127A5CBD223D4F3450A03C259C3 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:19:41.0098 0x1050 AntiVirSchedulerService - ok
12:19:41.0108 0x1050 [ B5975B61C97F4E47C129CDE76AFF84D4, 0494273946B6DEACC6C6F3AF70F90467A07CB127A5CBD223D4F3450A03C259C3 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:19:41.0125 0x1050 AntiVirService - ok
12:19:41.0145 0x1050 [ 90E78AD249819ED06951B5B7C0C010A5, 0C387514BAA3F413040E6A0A6F0BFEF12C63AA484AFC3C238A2677BA51661C5D ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
12:19:41.0166 0x1050 AntiVirWebService - ok
12:19:41.0170 0x1050 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
12:19:41.0223 0x1050 AppID - ok
12:19:41.0227 0x1050 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:19:41.0257 0x1050 AppIDSvc - ok
12:19:41.0260 0x1050 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:19:41.0275 0x1050 Appinfo - ok
12:19:41.0279 0x1050 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:19:41.0290 0x1050 Apple Mobile Device - ok
12:19:41.0296 0x1050 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
12:19:41.0313 0x1050 AppMgmt - ok
12:19:41.0317 0x1050 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:19:41.0331 0x1050 arc - ok
12:19:41.0335 0x1050 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:19:41.0348 0x1050 arcsas - ok
12:19:41.0351 0x1050 [ F6BDA026E4157DC4E321CA391E9D9BC6, D38774B8F812816DA43A0C52EEC566BBC44F57A6614BC84F1417C4227286B594 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
12:19:41.0363 0x1050 AsIO - ok
12:19:41.0373 0x1050 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:19:41.0391 0x1050 aspnet_state - ok
12:19:41.0395 0x1050 [ 954FFBFF05B0B60EB63B52AF561436C4, 40228A2B688E827815B5A567584FCF99BF661696DB8CC8BB455393B3CEE35094 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
12:19:41.0407 0x1050 AsSysCtrlService - ok
12:19:41.0410 0x1050 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:19:41.0435 0x1050 AsyncMac - ok
12:19:41.0438 0x1050 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:19:41.0448 0x1050 atapi - ok
12:19:41.0453 0x1050 [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:19:41.0467 0x1050 AtiHDAudioService - ok
12:19:41.0480 0x1050 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:19:41.0511 0x1050 AudioEndpointBuilder - ok
12:19:41.0525 0x1050 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:19:41.0543 0x1050 AudioSrv - ok
12:19:41.0550 0x1050 [ DC906FA273A82C48D1F2B633C8CFF2E7, AB9865FA691DA0F8C1A64140941834884EC01867DEBACAD90FC24F0E6AF654B0 ] auusb C:\Windows\system32\DRIVERS\auusb.sys
12:19:41.0563 0x1050 auusb - ok
12:19:41.0568 0x1050 [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
12:19:41.0581 0x1050 avgntflt - ok
12:19:41.0586 0x1050 [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
12:19:41.0599 0x1050 avipbb - ok
12:19:41.0602 0x1050 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
12:19:41.0613 0x1050 avkmgr - ok
12:19:41.0616 0x1050 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
12:19:41.0626 0x1050 avnetflt - ok
12:19:41.0631 0x1050 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:19:41.0655 0x1050 AxInstSV - ok
12:19:41.0665 0x1050 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:19:41.0688 0x1050 b06bdrv - ok
12:19:41.0696 0x1050 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:19:41.0714 0x1050 b57nd60a - ok
12:19:41.0719 0x1050 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:19:41.0736 0x1050 BDESVC - ok
12:19:41.0738 0x1050 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:19:41.0763 0x1050 Beep - ok
12:19:41.0773 0x1050 [ BE43A13207D6428947248AF7EE05E772, 4118288ECD13B77738070DC298A64732693EEF9679CCFA59FD523CCAACF6335B ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
12:19:41.0801 0x1050 BEService - ok
12:19:41.0816 0x1050 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:19:41.0845 0x1050 BFE - ok
12:19:41.0849 0x1050 [ 61CF05132598307F56547F027D6B4139, CB1794F37F5F93350C41A3A2F25E20C8A051D02F68A9B84D9429432601FBB3CD ] BioNTDrv C:\Program Files (x86)\Paragon Software\Festplatten Manager 12 Professional\program\BioNTDrv.SYS
12:19:41.0859 0x1050 BioNTDrv - ok
12:19:41.0876 0x1050 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:19:41.0914 0x1050 BITS - ok
12:19:41.0918 0x1050 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:19:41.0930 0x1050 blbdrive - ok
12:19:41.0940 0x1050 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:19:41.0959 0x1050 Bonjour Service - ok
12:19:41.0964 0x1050 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:19:41.0977 0x1050 bowser - ok
12:19:41.0980 0x1050 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:19:41.0993 0x1050 BrFiltLo - ok
12:19:41.0996 0x1050 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:19:42.0007 0x1050 BrFiltUp - ok
12:19:42.0012 0x1050 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:19:42.0030 0x1050 Browser - ok
12:19:42.0037 0x1050 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:19:42.0057 0x1050 Brserid - ok
12:19:42.0061 0x1050 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:19:42.0074 0x1050 BrSerWdm - ok
12:19:42.0077 0x1050 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:19:42.0089 0x1050 BrUsbMdm - ok
12:19:42.0092 0x1050 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:19:42.0102 0x1050 BrUsbSer - ok
12:19:42.0106 0x1050 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:19:42.0120 0x1050 BTHMODEM - ok
12:19:42.0125 0x1050 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:19:42.0154 0x1050 bthserv - ok
12:19:42.0158 0x1050 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:19:42.0185 0x1050 cdfs - ok
12:19:42.0190 0x1050 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:19:42.0206 0x1050 cdrom - ok
12:19:42.0210 0x1050 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:19:42.0238 0x1050 CertPropSvc - ok
12:19:42.0241 0x1050 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:19:42.0256 0x1050 circlass - ok
12:19:42.0265 0x1050 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:19:42.0285 0x1050 CLFS - ok
12:19:42.0290 0x1050 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:19:42.0304 0x1050 clr_optimization_v2.0.50727_32 - ok
12:19:42.0310 0x1050 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:19:42.0324 0x1050 clr_optimization_v2.0.50727_64 - ok
12:19:42.0332 0x1050 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:19:42.0349 0x1050 clr_optimization_v4.0.30319_32 - ok
12:19:42.0353 0x1050 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:19:42.0366 0x1050 clr_optimization_v4.0.30319_64 - ok
12:19:42.0369 0x1050 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:19:42.0379 0x1050 CmBatt - ok
12:19:42.0382 0x1050 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:19:42.0393 0x1050 cmdide - ok
12:19:42.0403 0x1050 [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG C:\Windows\system32\Drivers\cng.sys
12:19:42.0430 0x1050 CNG - ok
12:19:42.0433 0x1050 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:19:42.0444 0x1050 Compbatt - ok
12:19:42.0447 0x1050 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:19:42.0461 0x1050 CompositeBus - ok
12:19:42.0463 0x1050 COMSysApp - ok
12:19:42.0467 0x1050 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:19:42.0478 0x1050 crcdisk - ok
12:19:42.0484 0x1050 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:19:42.0502 0x1050 CryptSvc - ok
12:19:42.0513 0x1050 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
12:19:42.0537 0x1050 CSC - ok
12:19:42.0551 0x1050 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
12:19:42.0571 0x1050 CscService - ok
12:19:42.0584 0x1050 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:19:42.0615 0x1050 DcomLaunch - ok
12:19:42.0623 0x1050 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:19:42.0657 0x1050 defragsvc - ok
12:19:42.0661 0x1050 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:19:42.0688 0x1050 DfsC - ok
12:19:42.0696 0x1050 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:19:42.0711 0x1050 Dhcp - ok
12:19:42.0714 0x1050 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:19:42.0740 0x1050 discache - ok
12:19:42.0743 0x1050 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:19:42.0756 0x1050 Disk - ok
12:19:42.0760 0x1050 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:19:42.0774 0x1050 dmvsc - ok
12:19:42.0779 0x1050 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:19:42.0797 0x1050 Dnscache - ok
12:19:42.0803 0x1050 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:19:42.0837 0x1050 dot3svc - ok
12:19:42.0842 0x1050 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:19:42.0867 0x1050 DPS - ok
12:19:42.0869 0x1050 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:19:42.0879 0x1050 drmkaud - ok
12:19:42.0898 0x1050 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:19:42.0927 0x1050 DXGKrnl - ok
12:19:42.0932 0x1050 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:19:42.0962 0x1050 EapHost - ok
12:19:43.0020 0x1050 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:19:43.0099 0x1050 ebdrv - ok
12:19:43.0105 0x1050 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\Windows\System32\lsass.exe
12:19:43.0117 0x1050 EFS - ok
12:19:43.0132 0x1050 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:19:43.0162 0x1050 ehRecvr - ok
12:19:43.0167 0x1050 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:19:43.0182 0x1050 ehSched - ok
12:19:43.0194 0x1050 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:19:43.0216 0x1050 elxstor - ok
12:19:43.0219 0x1050 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:19:43.0230 0x1050 ErrDev - ok
12:19:43.0241 0x1050 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:19:43.0276 0x1050 EventSystem - ok
12:19:43.0279 0x1050 ewusbmbb - ok
12:19:43.0282 0x1050 ew_usbenumfilter - ok
12:19:43.0288 0x1050 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:19:43.0318 0x1050 exfat - ok
12:19:43.0324 0x1050 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:19:43.0354 0x1050 fastfat - ok
12:19:43.0368 0x1050 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:19:43.0390 0x1050 Fax - ok
12:19:43.0393 0x1050 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:19:43.0404 0x1050 fdc - ok
12:19:43.0407 0x1050 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:19:43.0433 0x1050 fdPHost - ok
12:19:43.0436 0x1050 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:19:43.0464 0x1050 FDResPub - ok
12:19:43.0467 0x1050 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:19:43.0480 0x1050 FileInfo - ok
12:19:43.0483 0x1050 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:19:43.0508 0x1050 Filetrace - ok
12:19:43.0522 0x1050 [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:19:43.0549 0x1050 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
12:19:46.0159 0x1050 Detect skipped due to KSN trusted
12:19:46.0159 0x1050 FLEXnet Licensing Service - ok
12:19:46.0164 0x1050 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:19:46.0183 0x1050 flpydisk - ok
12:19:46.0196 0x1050 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:19:46.0230 0x1050 FltMgr - ok
12:19:46.0259 0x1050 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:19:46.0297 0x1050 FontCache - ok
12:19:46.0301 0x1050 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:19:46.0312 0x1050 FontCache3.0.0.0 - ok
12:19:46.0316 0x1050 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:19:46.0328 0x1050 FsDepends - ok
12:19:46.0331 0x1050 [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:19:46.0345 0x1050 fssfltr - ok
12:19:46.0373 0x1050 [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:19:46.0422 0x1050 fsssvc - ok
12:19:46.0426 0x1050 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:19:46.0436 0x1050 Fs_Rec - ok
12:19:46.0440 0x1050 [ FA169871D8FADCC6539C4E8726610286, 14BF1C5225BD736C686FAC6393050BCFC5C43BC9557A78901CC98BC446A3894D ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
12:19:46.0450 0x1050 FTDIBUS - ok
12:19:46.0457 0x1050 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:19:46.0478 0x1050 fvevol - ok
12:19:46.0482 0x1050 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:19:46.0494 0x1050 gagp30kx - ok
12:19:46.0497 0x1050 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GearAspiWDM C:\Windows\system32\drivers\GEARAspiWDM.sys
12:19:46.0506 0x1050 GearAspiWDM - ok
12:19:46.0527 0x1050 [ 4DF4ABCA09AF1530D712FA589CE3BE9F, 573C04358BBAEAEDFDC4F265627E8029295C31BB17C13B428D5694119AECEDAD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
12:19:46.0562 0x1050 GfExperienceService - ok
12:19:46.0567 0x1050 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F, 6D2B301E77839FFF1C74425B37D02C3F3837CE50E856C21AE4CF7ABABB04ADDC ] GoogleDesktopManager-051210-111108 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
12:19:46.0577 0x1050 GoogleDesktopManager-051210-111108 - ok
12:19:46.0592 0x1050 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:19:46.0636 0x1050 gpsvc - ok
12:19:46.0641 0x1050 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:19:46.0648 0x1050 gupdate - ok
12:19:46.0652 0x1050 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:19:46.0659 0x1050 gupdatem - ok
12:19:46.0662 0x1050 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:19:46.0674 0x1050 hcw85cir - ok
12:19:46.0683 0x1050 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:19:46.0705 0x1050 HdAudAddService - ok
12:19:46.0710 0x1050 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:19:46.0722 0x1050 HDAudBus - ok
12:19:46.0724 0x1050 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:19:46.0736 0x1050 HidBatt - ok
12:19:46.0740 0x1050 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:19:46.0755 0x1050 HidBth - ok
12:19:46.0758 0x1050 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:19:46.0772 0x1050 HidIr - ok
12:19:46.0775 0x1050 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:19:46.0803 0x1050 hidserv - ok
12:19:46.0806 0x1050 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:19:46.0818 0x1050 HidUsb - ok
12:19:46.0822 0x1050 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:19:46.0851 0x1050 hkmsvc - ok
12:19:46.0857 0x1050 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:19:46.0878 0x1050 HomeGroupListener - ok
12:19:46.0884 0x1050 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:19:46.0900 0x1050 HomeGroupProvider - ok
12:19:46.0903 0x1050 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:19:46.0917 0x1050 HpSAMD - ok
12:19:46.0931 0x1050 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:19:46.0975 0x1050 HTTP - ok
12:19:46.0977 0x1050 huawei_enumerator - ok
12:19:46.0981 0x1050 hwdatacard - ok
12:19:46.0984 0x1050 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:19:46.0994 0x1050 hwpolicy - ok
12:19:46.0999 0x1050 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:19:47.0014 0x1050 i8042prt - ok
12:19:47.0023 0x1050 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:19:47.0042 0x1050 IAANTMON - ok
12:19:47.0052 0x1050 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:19:47.0065 0x1050 iaStor - ok
12:19:47.0074 0x1050 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:19:47.0095 0x1050 iaStorV - ok
12:19:47.0112 0x1050 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:19:47.0147 0x1050 idsvc - ok
12:19:47.0150 0x1050 IEEtwCollectorService - ok
12:19:47.0154 0x1050 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:19:47.0165 0x1050 iirsp - ok
12:19:47.0182 0x1050 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:19:47.0214 0x1050 IKEEXT - ok
12:19:47.0252 0x1050 [ 49A81307E807C0EAAD6510589DD92A3D, 8808652FA2F190274F624111F2CA49E1394E965A2724FC29277E5F80F825D115 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:19:47.0298 0x1050 IntcAzAudAddService - ok
12:19:47.0303 0x1050 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:19:47.0314 0x1050 intelide - ok
12:19:47.0317 0x1050 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:19:47.0326 0x1050 intelppm - ok
12:19:47.0330 0x1050 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:19:47.0360 0x1050 IPBusEnum - ok
12:19:47.0364 0x1050 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:19:47.0391 0x1050 IpFilterDriver - ok
12:19:47.0403 0x1050 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:19:47.0422 0x1050 iphlpsvc - ok
12:19:47.0426 0x1050 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:19:47.0440 0x1050 IPMIDRV - ok
12:19:47.0445 0x1050 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:19:47.0473 0x1050 IPNAT - ok
12:19:47.0486 0x1050 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:19:47.0502 0x1050 iPod Service - ok
12:19:47.0505 0x1050 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:19:47.0519 0x1050 IRENUM - ok
12:19:47.0522 0x1050 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:19:47.0533 0x1050 isapnp - ok
12:19:47.0540 0x1050 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:19:47.0559 0x1050 iScsiPrt - ok
12:19:47.0562 0x1050 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:19:47.0574 0x1050 kbdclass - ok
12:19:47.0577 0x1050 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:19:47.0588 0x1050 kbdhid - ok
12:19:47.0591 0x1050 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso C:\Windows\system32\lsass.exe
12:19:47.0599 0x1050 KeyIso - ok
12:19:47.0603 0x1050 [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:19:47.0616 0x1050 KSecDD - ok
12:19:47.0622 0x1050 [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:19:47.0637 0x1050 KSecPkg - ok
12:19:47.0640 0x1050 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:19:47.0665 0x1050 ksthunk - ok
12:19:47.0673 0x1050 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:19:47.0709 0x1050 KtmRm - ok
12:19:47.0719 0x1050 [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
12:19:47.0736 0x1050 LADF_CaptureOnly - ok
12:19:47.0741 0x1050 [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
12:19:47.0752 0x1050 LADF_RenderOnly - ok
12:19:47.0758 0x1050 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:19:47.0791 0x1050 LanmanServer - ok
12:19:47.0795 0x1050 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:19:47.0825 0x1050 LanmanWorkstation - ok
12:19:47.0834 0x1050 [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
12:19:47.0855 0x1050 LBTServ - ok
12:19:47.0859 0x1050 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
12:19:47.0868 0x1050 LGBusEnum - ok
12:19:47.0872 0x1050 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
12:19:47.0882 0x1050 LGSHidFilt - ok
12:19:47.0885 0x1050 [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
12:19:47.0895 0x1050 LGSUsbFilt - ok
12:19:47.0897 0x1050 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
12:19:47.0906 0x1050 LGVirHid - ok
12:19:47.0909 0x1050 [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
12:19:47.0920 0x1050 LHidFilt - ok
12:19:47.0923 0x1050 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:19:47.0950 0x1050 lltdio - ok
12:19:47.0957 0x1050 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:19:47.0993 0x1050 lltdsvc - ok
12:19:47.0996 0x1050 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:19:48.0022 0x1050 lmhosts - ok
12:19:48.0025 0x1050 [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
12:19:48.0036 0x1050 LMouFilt - ok
12:19:48.0041 0x1050 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:19:48.0055 0x1050 LSI_FC - ok
12:19:48.0059 0x1050 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:19:48.0072 0x1050 LSI_SAS - ok
12:19:48.0076 0x1050 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:19:48.0088 0x1050 LSI_SAS2 - ok
12:19:48.0093 0x1050 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:19:48.0106 0x1050 LSI_SCSI - ok
12:19:48.0110 0x1050 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:19:48.0139 0x1050 luafv - ok
12:19:48.0142 0x1050 [ 29C733E1DE824670DC9315CFC9BDBCD3, 8CFC987FEB174D91E415DEC89437D31D7AA5F6B7685641372EF26790E1444610 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
12:19:48.0153 0x1050 LUsbFilt - ok
12:19:48.0155 0x1050 MBAMSwissArmy - ok
12:19:48.0159 0x1050 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:19:48.0175 0x1050 Mcx2Svc - ok
12:19:48.0183 0x1050 [ B0174BBFB541B9BED3FE552C4BF93A9E, FB7EE7E221B542054DD1EF63687BDCFF32954B8D57135A0F33B8EEE5CC0CC069 ] MDES C:\ASUS.SYS\CONFIG\DVMExportService.exe
12:19:48.0197 0x1050 MDES - detected UnsignedFile.Multi.Generic ( 1 )
12:19:50.0807 0x1050 Detect skipped due to KSN trusted
12:19:50.0807 0x1050 MDES - ok
12:19:50.0812 0x1050 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:19:50.0832 0x1050 megasas - ok
12:19:50.0845 0x1050 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:19:50.0871 0x1050 MegaSR - ok
12:19:50.0875 0x1050 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:19:50.0907 0x1050 MMCSS - ok
12:19:50.0910 0x1050 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:19:50.0937 0x1050 Modem - ok
12:19:50.0940 0x1050 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:19:50.0950 0x1050 monitor - ok
12:19:50.0953 0x1050 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:19:50.0965 0x1050 mouclass - ok
12:19:50.0968 0x1050 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:19:50.0979 0x1050 mouhid - ok
12:19:50.0983 0x1050 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:19:50.0996 0x1050 mountmgr - ok
12:19:51.0001 0x1050 [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:19:51.0010 0x1050 MozillaMaintenance - ok
12:19:51.0016 0x1050 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:19:51.0032 0x1050 mpio - ok
12:19:51.0035 0x1050 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:19:51.0062 0x1050 mpsdrv - ok
12:19:51.0079 0x1050 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:19:51.0124 0x1050 MpsSvc - ok
12:19:51.0130 0x1050 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:19:51.0145 0x1050 MRxDAV - ok
12:19:51.0150 0x1050 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:19:51.0165 0x1050 mrxsmb - ok
12:19:51.0173 0x1050 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:19:51.0191 0x1050 mrxsmb10 - ok
12:19:51.0195 0x1050 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:19:51.0209 0x1050 mrxsmb20 - ok
12:19:51.0213 0x1050 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:19:51.0223 0x1050 msahci - ok
12:19:51.0228 0x1050 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:19:51.0243 0x1050 msdsm - ok
12:19:51.0248 0x1050 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:19:51.0265 0x1050 MSDTC - ok
12:19:51.0270 0x1050 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:19:51.0297 0x1050 Msfs - ok
12:19:51.0299 0x1050 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:19:51.0323 0x1050 mshidkmdf - ok
12:19:51.0326 0x1050 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:19:51.0336 0x1050 msisadrv - ok
12:19:51.0341 0x1050 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:19:51.0373 0x1050 MSiSCSI - ok
12:19:51.0375 0x1050 msiserver - ok
12:19:51.0378 0x1050 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:19:51.0402 0x1050 MSKSSRV - ok
12:19:51.0404 0x1050 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:19:51.0428 0x1050 MSPCLOCK - ok
12:19:51.0431 0x1050 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:19:51.0455 0x1050 MSPQM - ok
12:19:51.0464 0x1050 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:19:51.0483 0x1050 MsRPC - ok
12:19:51.0487 0x1050 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:19:51.0495 0x1050 mssmbios - ok
12:19:51.0497 0x1050 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:19:51.0522 0x1050 MSTEE - ok
12:19:51.0525 0x1050 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:19:51.0535 0x1050 MTConfig - ok
12:19:51.0538 0x1050 [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
12:19:51.0547 0x1050 MTsensor - ok
12:19:51.0550 0x1050 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:19:51.0562 0x1050 Mup - ok
12:19:51.0569 0x1050 [ 19CBAAB0B1F214AF834EDD9256F55977, 25C992B6A8E4936A07CBAE7BF247960470A5CD2276E366BFC16ABAD7E338B0AD ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
12:19:51.0580 0x1050 mv91xx - ok
12:19:51.0591 0x1050 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:19:51.0622 0x1050 napagent - ok
12:19:51.0630 0x1050 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:19:51.0646 0x1050 NativeWifiP - ok
12:19:51.0665 0x1050 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:19:51.0688 0x1050 NDIS - ok
12:19:51.0692 0x1050 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:19:51.0718 0x1050 NdisCap - ok
12:19:51.0721 0x1050 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:19:51.0746 0x1050 NdisTapi - ok
12:19:51.0749 0x1050 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:19:51.0775 0x1050 Ndisuio - ok
12:19:51.0780 0x1050 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:19:51.0809 0x1050 NdisWan - ok
12:19:51.0813 0x1050 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:19:51.0838 0x1050 NDProxy - ok
12:19:51.0841 0x1050 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:19:51.0867 0x1050 NetBIOS - ok
12:19:51.0874 0x1050 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:19:51.0906 0x1050 NetBT - ok
12:19:51.0909 0x1050 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon C:\Windows\system32\lsass.exe
12:19:51.0917 0x1050 Netlogon - ok
12:19:51.0925 0x1050 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:19:51.0954 0x1050 Netman - ok
12:19:51.0959 0x1050 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:19:51.0980 0x1050 NetMsmqActivator - ok
12:19:51.0984 0x1050 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:19:51.0995 0x1050 NetPipeActivator - ok
12:19:52.0006 0x1050 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:19:52.0043 0x1050 netprofm - ok
12:19:52.0048 0x1050 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:19:52.0059 0x1050 NetTcpActivator - ok
12:19:52.0063 0x1050 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:19:52.0074 0x1050 NetTcpPortSharing - ok
12:19:52.0077 0x1050 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:19:52.0089 0x1050 nfrd960 - ok
12:19:52.0097 0x1050 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:19:52.0111 0x1050 NlaSvc - ok
12:19:52.0116 0x1050 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:19:52.0142 0x1050 Npfs - ok
12:19:52.0145 0x1050 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:19:52.0173 0x1050 nsi - ok
12:19:52.0175 0x1050 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:19:52.0201 0x1050 nsiproxy - ok
12:19:52.0233 0x1050 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:19:52.0281 0x1050 Ntfs - ok
12:19:52.0285 0x1050 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:19:52.0309 0x1050 Null - ok
12:19:52.0313 0x1050 [ 8EBCB9165EE7F1571842F4D9D624A74C, 115F46B8391866762AD41B299F0670D8735D124BD518A53EC73DCDBFCA9C28F9 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
12:19:52.0324 0x1050 nusb3hub - ok
12:19:52.0330 0x1050 [ 5D54DBB12BBFE07CC283FD39F2CD6D63, 3DC3F9121F8892EDABD07ACDE45DB025BA2FC4245A8D3EE343F1FDF7189B391F ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:19:52.0343 0x1050 nusb3xhc - ok
12:19:52.0349 0x1050 [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
12:19:52.0363 0x1050 NVHDA - ok
12:19:52.0537 0x1050 [ 3B99271224C43ADAB5A7F8D4B574AE3F, 931B011EA7796C61922D892C11D880BCC0383FCECABC4F4855AF89BA20B9B01B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:19:52.0734 0x1050 nvlddmkm - ok
12:19:52.0773 0x1050 [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:19:52.0819 0x1050 NvNetworkService - ok
12:19:52.0824 0x1050 [ 30458B18AEA941B1FD3A6A076BE95A71, F3B36E52D63939A89658073E1DEFFCD050EF9B39F643771E846737915012D5FB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
12:19:52.0834 0x1050 nvpciflt - ok
12:19:52.0839 0x1050 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:19:52.0853 0x1050 nvraid - ok
12:19:52.0858 0x1050 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:19:52.0873 0x1050 nvstor - ok
12:19:52.0876 0x1050 [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:19:52.0885 0x1050 NvStreamKms - ok
12:19:52.0887 0x1050 NvStreamSvc - ok
12:19:52.0906 0x1050 [ 97ADEBE576474D4CEC53F8E06590FFC8, 2CC8587AAB595D7621AA57A33D94789BD9DC6DBFB4FA9BDEFBB425B7ACCB65AB ] nvsvc C:\Windows\system32\nvvsvc.exe
12:19:52.0929 0x1050 nvsvc - ok
12:19:52.0933 0x1050 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:19:52.0942 0x1050 nvvad_WaveExtensible - ok
12:19:52.0947 0x1050 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:19:52.0961 0x1050 nv_agp - ok
12:19:52.0965 0x1050 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:19:52.0979 0x1050 ohci1394 - ok
12:19:52.0984 0x1050 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:19:52.0998 0x1050 ose - ok
12:19:53.0083 0x1050 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:19:53.0210 0x1050 osppsvc - ok
12:19:53.0223 0x1050 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:19:53.0237 0x1050 p2pimsvc - ok
12:19:53.0247 0x1050 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:19:53.0271 0x1050 p2psvc - ok
12:19:53.0275 0x1050 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:19:53.0289 0x1050 Parport - ok
12:19:53.0292 0x1050 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:19:53.0305 0x1050 partmgr - ok
12:19:53.0311 0x1050 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
12:19:53.0331 0x1050 PcaSvc - ok
12:19:53.0337 0x1050 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:19:53.0347 0x1050 pci - ok
12:19:53.0350 0x1050 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:19:53.0360 0x1050 pciide - ok
12:19:53.0366 0x1050 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:19:53.0383 0x1050 pcmcia - ok
12:19:53.0387 0x1050 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:19:53.0398 0x1050 pcw - ok
12:19:53.0411 0x1050 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:19:53.0453 0x1050 PEAUTH - ok
12:19:53.0479 0x1050 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:19:53.0514 0x1050 PeerDistSvc - ok
12:19:53.0529 0x1050 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:19:53.0542 0x1050 PerfHost - ok
12:19:53.0575 0x1050 [ 1E81496AFF9D7FA2B4C4032B746DE5B9, C4FEFE1A03EBD6BBB67D22461B67F5D080A32D75A58B5A48F3FE68D306B6D8DA ] Ph3xIB64 C:\Windows\system32\DRIVERS\Ph3xIB64.sys
12:19:53.0621 0x1050 Ph3xIB64 - ok
12:19:53.0648 0x1050 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:19:53.0704 0x1050 pla - ok
12:19:53.0715 0x1050 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:19:53.0738 0x1050 PlugPlay - ok
12:19:53.0741 0x1050 PnkBstrA - ok
12:19:53.0744 0x1050 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:19:53.0757 0x1050 PNRPAutoReg - ok
12:19:53.0765 0x1050 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:19:53.0779 0x1050 PNRPsvc - ok
12:19:53.0790 0x1050 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:19:53.0826 0x1050 PolicyAgent - ok
12:19:53.0833 0x1050 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:19:53.0858 0x1050 Power - ok
12:19:53.0862 0x1050 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:19:53.0890 0x1050 PptpMiniport - ok
12:19:53.0894 0x1050 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:19:53.0907 0x1050 Processor - ok
12:19:53.0913 0x1050 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
12:19:53.0932 0x1050 ProfSvc - ok
12:19:53.0935 0x1050 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:19:53.0943 0x1050 ProtectedStorage - ok
12:19:53.0948 0x1050 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:19:53.0971 0x1050 Psched - ok
12:19:53.0975 0x1050 [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:19:53.0986 0x1050 PxHlpa64 - ok
12:19:54.0014 0x1050 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:19:54.0056 0x1050 ql2300 - ok
12:19:54.0062 0x1050 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:19:54.0077 0x1050 ql40xx - ok
12:19:54.0083 0x1050 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:19:54.0107 0x1050 QWAVE - ok
12:19:54.0110 0x1050 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:19:54.0125 0x1050 QWAVEdrv - ok
12:19:54.0128 0x1050 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:19:54.0153 0x1050 RasAcd - ok
12:19:54.0157 0x1050 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:19:54.0184 0x1050 RasAgileVpn - ok
12:19:54.0188 0x1050 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:19:54.0219 0x1050 RasAuto - ok
12:19:54.0224 0x1050 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:19:54.0252 0x1050 Rasl2tp - ok
12:19:54.0260 0x1050 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:19:54.0294 0x1050 RasMan - ok
12:19:54.0298 0x1050 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:19:54.0327 0x1050 RasPppoe - ok
12:19:54.0331 0x1050 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:19:54.0358 0x1050 RasSstp - ok
12:19:54.0366 0x1050 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:19:54.0399 0x1050 rdbss - ok
12:19:54.0402 0x1050 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:19:54.0415 0x1050 rdpbus - ok
12:19:54.0417 0x1050 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:19:54.0442 0x1050 RDPCDD - ok
12:19:54.0448 0x1050 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:19:54.0464 0x1050 RDPDR - ok
12:19:54.0467 0x1050 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:19:54.0490 0x1050 RDPENCDD - ok
12:19:54.0494 0x1050 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:19:54.0519 0x1050 RDPREFMP - ok
12:19:54.0523 0x1050 [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:19:54.0535 0x1050 RdpVideoMiniport - ok
12:19:54.0541 0x1050 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:19:54.0557 0x1050 RDPWD - ok
12:19:54.0564 0x1050 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:19:54.0580 0x1050 rdyboost - ok
12:19:54.0585 0x1050 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:19:54.0614 0x1050 RemoteAccess - ok
12:19:54.0619 0x1050 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:19:54.0650 0x1050 RemoteRegistry - ok
12:19:54.0654 0x1050 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:19:54.0682 0x1050 RpcEptMapper - ok
12:19:54.0685 0x1050 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:19:54.0695 0x1050 RpcLocator - ok
12:19:54.0706 0x1050 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:19:54.0737 0x1050 RpcSs - ok
12:19:54.0741 0x1050 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:19:54.0768 0x1050 rspndr - ok
12:19:54.0771 0x1050 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:19:54.0781 0x1050 s3cap - ok
12:19:54.0783 0x1050 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe
12:19:54.0791 0x1050 SamSs - ok
12:19:54.0796 0x1050 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:19:54.0810 0x1050 sbp2port - ok
12:19:54.0815 0x1050 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:19:54.0848 0x1050 SCardSvr - ok
12:19:54.0851 0x1050 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:19:54.0877 0x1050 scfilter - ok
12:19:54.0898 0x1050 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:19:54.0951 0x1050 Schedule - ok
12:19:54.0956 0x1050 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:19:54.0979 0x1050 SCPolicySvc - ok
12:19:54.0984 0x1050 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:19:55.0004 0x1050 SDRSVC - ok
12:19:55.0036 0x1050 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:19:55.0090 0x1050 SDScannerService - ok
12:19:55.0129 0x1050 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:19:55.0188 0x1050 SDUpdateService - ok
12:19:55.0195 0x1050 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:19:55.0204 0x1050 SDWSCService - ok
12:19:55.0207 0x1050 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:19:55.0233 0x1050 secdrv - ok
12:19:55.0236 0x1050 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:19:55.0262 0x1050 seclogon - ok
12:19:55.0266 0x1050 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:19:55.0290 0x1050 SENS - ok
12:19:55.0293 0x1050 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:19:55.0307 0x1050 SensrSvc - ok
12:19:55.0310 0x1050 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:19:55.0322 0x1050 Serenum - ok
12:19:55.0325 0x1050 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
12:19:55.0339 0x1050 Serial - ok
12:19:55.0342 0x1050 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:19:55.0353 0x1050 sermouse - ok
12:19:55.0361 0x1050 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:19:55.0391 0x1050 SessionEnv - ok
12:19:55.0393 0x1050 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:19:55.0405 0x1050 sffdisk - ok
12:19:55.0408 0x1050 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:19:55.0421 0x1050 sffp_mmc - ok
12:19:55.0423 0x1050 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:19:55.0435 0x1050 sffp_sd - ok
12:19:55.0438 0x1050 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:19:55.0449 0x1050 sfloppy - ok
12:19:55.0458 0x1050 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:19:55.0495 0x1050 SharedAccess - ok
12:19:55.0504 0x1050 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:19:55.0539 0x1050 ShellHWDetection - ok
12:19:55.0542 0x1050 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:19:55.0554 0x1050 SiSRaid2 - ok
12:19:55.0558 0x1050 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:19:55.0570 0x1050 SiSRaid4 - ok
12:19:55.0574 0x1050 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:19:55.0602 0x1050 Smb - ok
12:19:55.0607 0x1050 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:19:55.0619 0x1050 SNMPTRAP - ok
12:19:55.0622 0x1050 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:19:55.0632 0x1050 spldr - ok
12:19:55.0644 0x1050 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:19:55.0668 0x1050 Spooler - ok
12:19:55.0731 0x1050 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:19:55.0821 0x1050 sppsvc - ok
12:19:55.0828 0x1050 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:19:55.0857 0x1050 sppuinotify - ok
12:19:55.0868 0x1050 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:19:55.0891 0x1050 srv - ok
12:19:55.0900 0x1050 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:19:55.0922 0x1050 srv2 - ok
12:19:55.0928 0x1050 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:19:55.0943 0x1050 srvnet - ok
12:19:55.0949 0x1050 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:19:55.0981 0x1050 SSDPSRV - ok
12:19:55.0985 0x1050 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:19:56.0013 0x1050 SstpSvc - ok
12:19:56.0015 0x1050 StarOpen - ok
12:19:56.0032 0x1050 [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:19:56.0065 0x1050 Steam Client Service - ok
12:19:56.0075 0x1050 [ 49B1E5AF3AA400752A20BE169CB73DFA, D990BC79B289912EB07F3FD50F1236C593A45C5E9B7BD8162269687258E07CE2 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:19:56.0096 0x1050 Stereo Service - ok
12:19:56.0099 0x1050 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:19:56.0111 0x1050 stexstor - ok
12:19:56.0113 0x1050 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:19:56.0123 0x1050 StillCam - ok
12:19:56.0136 0x1050 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:19:56.0165 0x1050 stisvc - ok
12:19:56.0169 0x1050 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:19:56.0181 0x1050 storflt - ok
12:19:56.0184 0x1050 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:19:56.0195 0x1050 storvsc - ok
12:19:56.0198 0x1050 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:19:56.0208 0x1050 swenum - ok
12:19:56.0221 0x1050 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:19:56.0235 0x1050 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
12:19:58.0844 0x1050 Detect skipped due to KSN trusted
12:19:58.0844 0x1050 SwitchBoard - ok
12:19:58.0864 0x1050 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:19:58.0909 0x1050 swprv - ok
12:19:58.0914 0x1050 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
12:19:58.0928 0x1050 Synth3dVsc - ok
12:19:58.0960 0x1050 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:19:59.0015 0x1050 SysMain - ok
12:19:59.0020 0x1050 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:19:59.0039 0x1050 TabletInputService - ok
12:19:59.0047 0x1050 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:19:59.0079 0x1050 TapiSrv - ok
12:19:59.0083 0x1050 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:19:59.0107 0x1050 TBS - ok
12:19:59.0142 0x1050 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:19:59.0198 0x1050 Tcpip - ok
12:19:59.0234 0x1050 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:19:59.0273 0x1050 TCPIP6 - ok
12:19:59.0279 0x1050 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:19:59.0291 0x1050 tcpipreg - ok
12:19:59.0295 0x1050 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:19:59.0306 0x1050 TDPIPE - ok
12:19:59.0308 0x1050 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:19:59.0319 0x1050 TDTCP - ok
12:19:59.0323 0x1050 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:19:59.0337 0x1050 tdx - ok
12:19:59.0340 0x1050 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:19:59.0353 0x1050 TermDD - ok
12:19:59.0356 0x1050 [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt C:\Windows\system32\drivers\terminpt.sys
12:19:59.0367 0x1050 terminpt - ok
12:19:59.0381 0x1050 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:19:59.0410 0x1050 TermService - ok
12:19:59.0414 0x1050 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:19:59.0432 0x1050 Themes - ok
12:19:59.0435 0x1050 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:19:59.0460 0x1050 THREADORDER - ok
12:19:59.0464 0x1050 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:19:59.0494 0x1050 TrkWks - ok
12:19:59.0500 0x1050 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:19:59.0529 0x1050 TrustedInstaller - ok
12:19:59.0533 0x1050 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:19:59.0544 0x1050 tssecsrv - ok
12:19:59.0547 0x1050 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:19:59.0561 0x1050 TsUsbFlt - ok
12:19:59.0564 0x1050 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:19:59.0576 0x1050 TsUsbGD - ok
12:19:59.0580 0x1050 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
12:19:59.0595 0x1050 tsusbhub - ok
12:19:59.0599 0x1050 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:19:59.0628 0x1050 tunnel - ok
12:19:59.0632 0x1050 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:19:59.0644 0x1050 uagp35 - ok
12:19:59.0652 0x1050 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:19:59.0685 0x1050 udfs - ok
12:19:59.0691 0x1050 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:19:59.0705 0x1050 UI0Detect - ok
12:19:59.0712 0x1050 [ FDB805B2749DACE784BD05125979B478, EEED5D51841C719E9E3A6D0F373418695AA56C248AAA3279F04B6C078407D610 ] uigxrdr C:\Windows\system32\DRIVERS\uigxrdr.sys
12:19:59.0726 0x1050 uigxrdr - ok
12:19:59.0730 0x1050 [ 6D5E0269F2B97011800B788ACCF2EAF6, 1F1B0B161BC85F04863FA4383FCC9A1AAAD939394D39D02F061FA7F314719233 ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
12:19:59.0742 0x1050 UimBus - ok
12:19:59.0755 0x1050 [ A30AC921D38E6F3EACFF0D0FF5510F1A, 1888455F4B42A0D183F26B8A1C68E2D6DCB2C5F47B4C6E59B0EA568971510D03 ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
12:19:59.0777 0x1050 Uim_IM - ok
12:19:59.0781 0x1050 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:19:59.0793 0x1050 uliagpkx - ok
12:19:59.0796 0x1050 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:19:59.0809 0x1050 umbus - ok
12:19:59.0811 0x1050 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:19:59.0822 0x1050 UmPass - ok
12:19:59.0828 0x1050 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
12:19:59.0846 0x1050 UmRdpService - ok
12:19:59.0855 0x1050 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:19:59.0890 0x1050 upnphost - ok
12:19:59.0893 0x1050 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:19:59.0900 0x1050 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
12:20:02.0510 0x1050 Detect skipped due to KSN trusted
12:20:02.0510 0x1050 USBAAPL64 - ok
12:20:02.0520 0x1050 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:20:02.0534 0x1050 usbaudio - ok
12:20:02.0539 0x1050 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:20:02.0553 0x1050 usbccgp - ok
12:20:02.0562 0x1050 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:20:02.0578 0x1050 usbcir - ok
12:20:02.0584 0x1050 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:20:02.0596 0x1050 usbehci - ok
12:20:02.0605 0x1050 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:20:02.0626 0x1050 usbhub - ok
12:20:02.0634 0x1050 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:20:02.0645 0x1050 usbohci - ok
12:20:02.0649 0x1050 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:20:02.0663 0x1050 usbprint - ok
12:20:02.0667 0x1050 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:20:02.0681 0x1050 USBSTOR - ok
12:20:02.0690 0x1050 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:20:02.0702 0x1050 usbuhci - ok
12:20:02.0705 0x1050 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:20:02.0733 0x1050 UxSms - ok
12:20:02.0741 0x1050 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe
12:20:02.0750 0x1050 VaultSvc - ok
12:20:02.0759 0x1050 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:20:02.0771 0x1050 vdrvroot - ok
12:20:02.0782 0x1050 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:20:02.0821 0x1050 vds - ok
12:20:02.0825 0x1050 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:20:02.0837 0x1050 vga - ok
12:20:02.0847 0x1050 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:20:02.0873 0x1050 VgaSave - ok
12:20:02.0876 0x1050 VGPU - ok
12:20:02.0883 0x1050 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:20:02.0901 0x1050 vhdmp - ok
12:20:02.0909 0x1050 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:20:02.0921 0x1050 viaide - ok
12:20:02.0932 0x1050 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:20:02.0949 0x1050 vmbus - ok
12:20:02.0959 0x1050 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:20:02.0970 0x1050 VMBusHID - ok
12:20:02.0979 0x1050 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:20:02.0992 0x1050 volmgr - ok
12:20:03.0001 0x1050 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:20:03.0022 0x1050 volmgrx - ok
12:20:03.0036 0x1050 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:20:03.0055 0x1050 volsnap - ok
12:20:03.0061 0x1050 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:20:03.0076 0x1050 vsmraid - ok
12:20:03.0111 0x1050 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:20:03.0172 0x1050 VSS - ok
12:20:03.0176 0x1050 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:20:03.0190 0x1050 vwifibus - ok
12:20:03.0204 0x1050 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:20:03.0242 0x1050 W32Time - ok
12:20:03.0246 0x1050 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:20:03.0258 0x1050 WacomPen - ok
12:20:03.0267 0x1050 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:20:03.0295 0x1050 WANARP - ok
12:20:03.0299 0x1050 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:20:03.0323 0x1050 Wanarpv6 - ok
12:20:03.0352 0x1050 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:20:03.0398 0x1050 WatAdminSvc - ok
12:20:03.0430 0x1050 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:20:03.0475 0x1050 wbengine - ok
12:20:03.0482 0x1050 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:20:03.0506 0x1050 WbioSrvc - ok
12:20:03.0521 0x1050 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:20:03.0546 0x1050 wcncsvc - ok
12:20:03.0554 0x1050 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:20:03.0570 0x1050 WcsPlugInService - ok
12:20:03.0575 0x1050 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:20:03.0586 0x1050 Wd - ok
12:20:03.0603 0x1050 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:20:03.0634 0x1050 Wdf01000 - ok
12:20:03.0639 0x1050 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:20:03.0654 0x1050 WdiServiceHost - ok
12:20:03.0665 0x1050 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:20:03.0675 0x1050 WdiSystemHost - ok
12:20:03.0687 0x1050 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:20:03.0707 0x1050 WebClient - ok
12:20:03.0714 0x1050 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:20:03.0750 0x1050 Wecsvc - ok
12:20:03.0757 0x1050 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:20:03.0787 0x1050 wercplsupport - ok
12:20:03.0796 0x1050 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:20:03.0827 0x1050 WerSvc - ok
12:20:03.0830 0x1050 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:20:03.0855 0x1050 WfpLwf - ok
12:20:03.0863 0x1050 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:20:03.0875 0x1050 WIMMount - ok
12:20:03.0877 0x1050 WinDefend - ok
12:20:03.0882 0x1050 WinHttpAutoProxySvc - ok
12:20:03.0891 0x1050 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:20:03.0926 0x1050 Winmgmt - ok
12:20:03.0965 0x1050 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:20:04.0023 0x1050 WinRM - ok
12:20:04.0037 0x1050 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:20:04.0052 0x1050 WinUsb - ok
12:20:04.0070 0x1050 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:20:04.0099 0x1050 Wlansvc - ok
12:20:04.0142 0x1050 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:20:04.0198 0x1050 wlidsvc - ok
12:20:04.0203 0x1050 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:20:04.0211 0x1050 WmiAcpi - ok
12:20:04.0219 0x1050 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:20:04.0236 0x1050 wmiApSrv - ok
12:20:04.0244 0x1050 WMPNetworkSvc - ok
12:20:04.0253 0x1050 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:20:04.0266 0x1050 WPCSvc - ok
12:20:04.0271 0x1050 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:20:04.0288 0x1050 WPDBusEnum - ok
12:20:04.0296 0x1050 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:20:04.0322 0x1050 ws2ifsl - ok
12:20:04.0327 0x1050 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:20:04.0345 0x1050 wscsvc - ok
12:20:04.0352 0x1050 WSearch - ok
12:20:04.0409 0x1050 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:20:04.0466 0x1050 wuauserv - ok
12:20:04.0472 0x1050 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:20:04.0485 0x1050 WudfPf - ok
12:20:04.0491 0x1050 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:20:04.0506 0x1050 WUDFRd - ok
12:20:04.0510 0x1050 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:20:04.0523 0x1050 wudfsvc - ok
12:20:04.0530 0x1050 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:20:04.0549 0x1050 WwanSvc - ok
12:20:04.0560 0x1050 [ 79D9CE9614C955DD31AA2556B4014662, 2692681268A5DEE2E07B0F848D76B330CD3AB065451EC9E35653066015EEF135 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
12:20:04.0578 0x1050 yukonw7 - ok
12:20:04.0581 0x1050 ================ Scan global ===============================
12:20:04.0583 0x1050 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:20:04.0594 0x1050 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:20:04.0608 0x1050 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:20:04.0614 0x1050 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:20:04.0626 0x1050 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:20:04.0637 0x1050 [ Global ] - ok
12:20:04.0637 0x1050 ================ Scan MBR ==================================
12:20:04.0639 0x1050 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
12:20:04.0661 0x1050 \Device\Harddisk2\DR2 - ok
12:20:04.0663 0x1050 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:20:04.0705 0x1050 \Device\Harddisk0\DR0 - ok
12:20:04.0707 0x1050 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk1\DR1
12:20:05.0086 0x1050 \Device\Harddisk1\DR1 - ok
12:20:05.0087 0x1050 ================ Scan VBR ==================================
12:20:05.0089 0x1050 [ ABD464FAFBF7D99B6C6A15E367BA532C ] \Device\Harddisk2\DR2\Partition1
12:20:05.0091 0x1050 \Device\Harddisk2\DR2\Partition1 - ok
12:20:05.0094 0x1050 [ B9F11A2F54486BE6543DDA2D9DF7C44D ] \Device\Harddisk2\DR2\Partition2
12:20:05.0095 0x1050 \Device\Harddisk2\DR2\Partition2 - ok
12:20:05.0098 0x1050 [ 1AC7E4D1253A1C4F2AF881A09EE6A846 ] \Device\Harddisk0\DR0\Partition1
12:20:05.0156 0x1050 \Device\Harddisk0\DR0\Partition1 - ok
12:20:05.0156 0x1050 ================ Scan generic autorun ======================
12:20:05.0160 0x1050 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:20:05.0178 0x1050 ShadowPlay - ok
12:20:05.0334 0x1050 [ E32AC519D0DE92F91F1AD842936CE0BC, 10CF2A3C9EE21BFD79894BFBA15B77BA1BE6D6457D98B782793DC7D26F743D05 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:20:05.0483 0x1050 RtHDVCpl - ok
12:20:05.0534 0x1050 [ 1F441326CD77B3F1532D487004B180FF, FD2FE6EECE1EF99F800DAF7B0C825C94FACE4C6D5806A2335B4D3C41F1E87F7F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:20:05.0587 0x1050 NvBackend - ok
12:20:05.0594 0x1050 [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
12:20:05.0603 0x1050 IAAnotif - ok
12:20:05.0636 0x1050 [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
12:20:05.0673 0x1050 EvtMgr6 - ok
12:20:05.0683 0x1050 [ 60B7037D9AAADC4E8C809BC71A39F943, 997291AA8CBE9E405F54F08CBC02EDCA66619078514EAA9A89E0AA4F876BE77A ] C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
12:20:05.0695 0x1050 Easy-PrintToolBox - ok
12:20:05.0743 0x1050 [ 5858DE874168C5F0AEA7A353DD520D48, DB77AF431227AEBD92C6E40AC723435E83DCF4620B7366D4FA6D9ACB500AA6EA ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
12:20:05.0796 0x1050 CanonMyPrinter - ok
12:20:05.0809 0x1050 [ 647A1E2E56F99405D12867F6F8924B3D, 88EAF333EDC47D4A3F02D63688BDDB13F3A5ACD850719A2E8E16C3BAAD6B6191 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
12:20:05.0824 0x1050 AdobeAAMUpdater-1.0 - ok
12:20:06.0022 0x1050 [ 568AF5AB79BC0CA3FDDD49C03363F605, A9D74EB4B4B063B509CCDECA4E9E988A969E635A608CBFA51B9147719CBF3DE1 ] C:\Program Files\Logitech Gaming Software\LCore.exe
12:20:06.0201 0x1050 Launch LCore - ok
12:20:06.0225 0x1050 [ 182B036928F4C7111A1B7EF4CEE1B40C, 3FA7D5047DE519C1CD40394A51AB715F09A7F914519C81DB28888A21250BC3D4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
12:20:06.0241 0x1050 avgnt - ok
12:20:06.0258 0x1050 [ 4CB7CEE3F7540B0BEDBD158D75F06509, 73348467A976AF06928B402E12A622BB1B5BD8BB2AC6446117E1FD1EEAFED217 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
12:20:06.0276 0x1050 StartCCC - ok
12:20:06.0337 0x1050 [ FEE45AD0B1EBF2C2D295B59BA593F6CD, 7A9B9410E31598F0320104A8874C76EE90E579D4F1719FDF6B11829AA03E5445 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
12:20:06.0405 0x1050 KiesTrayAgent - ok
12:20:06.0411 0x1050 [ A915E9E86853E86AAF0216675556B890, D0579457A225BFEE2740D3AE8C77AD853BD571D20203DF331EBBCF05214DCDDF ] C:\Program Files (x86)\EMET\EMET_notifier.exe
12:20:06.0421 0x1050 EMET Notifier - ok
12:20:06.0451 0x1050 [ 00AB2B491C7037BB219BEB26FAD34C72, 95EDBBE07EB85EEE1376252AA975BAA61235C80FC03036357BD4786E5D6B9703 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
12:20:06.0485 0x1050 CanonSolutionMenuEx - ok
12:20:06.0489 0x1050 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:20:06.0496 0x1050 APSDaemon - ok
12:20:06.0507 0x1050 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:20:06.0521 0x1050 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
12:20:06.0521 0x1050 Detect skipped due to KSN trusted
12:20:06.0521 0x1050 SwitchBoard - ok
12:20:06.0541 0x1050 [ 3EE19173AC7BB16AD239B195D97C13B0, A9E5FC90F20DC7500A186C9D184ED55BC04038FFC6D97714E64C660EAE808A98 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
12:20:06.0566 0x1050 AdobeCS6ServiceManager - ok
12:20:06.0594 0x1050 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:20:06.0631 0x1050 Sidebar - ok
12:20:06.0635 0x1050 [ 16D510C28673BF1565D096D41234773C, 72BC509E8D9B444B37F10A266DF8E05471FC0006F34367EEF24203419EE9585C ] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
12:20:06.0638 0x1050 phonostar-PlayerTimer - detected UnsignedFile.Multi.Generic ( 1 )
12:20:09.0366 0x1050 Detect skipped due to KSN trusted
12:20:09.0366 0x1050 phonostar-PlayerTimer - ok
12:20:09.0369 0x1050 [ 984F6749E0741C3F22D86C91B46177BE, E967A8C4305444D23B6CE423D75065197AF03388879F16251101E1D7380CD927 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
12:20:09.0380 0x1050 KiesPDLR - ok
12:20:09.0387 0x1050 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe
12:20:09.0400 0x1050 Google Update - ok
12:20:09.0403 0x1050 Web Companion - ok
12:20:09.0411 0x1050 [ C11C16EEDB673972980A9E8B544E43C7, 23CCE12320F2A54A4982F21CAC425EF1B34DE5CE3A8702A9193040735A452381 ] C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe
12:20:09.0411 0x1050 Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe. md5: C11C16EEDB673972980A9E8B544E43C7, sha256: 23CCE12320F2A54A4982F21CAC425EF1B34DE5CE3A8702A9193040735A452381
12:20:09.0414 0x1050 xlnsxpuw - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
12:20:12.0681 0x1050 xlnsxpuw ( Trojan-Spy.Win32.ZBot.gen ) - infected
12:20:12.0681 0x1050 Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe
12:20:15.0445 0x1050 Object send P2P result: true
12:20:18.0148 0x1050 [ FBECD699FC49E72AEE1424338459AED9, B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251 ] C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
12:20:18.0148 0x1050 Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe. md5: FBECD699FC49E72AEE1424338459AED9, sha256: B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251
12:20:18.0149 0x1050 pipe-according - detected LockedFile.Multi.Generic ( 1 )
12:20:20.0762 0x1050 Detect turned to UDS exact due to KSN untrusted
12:20:20.0762 0x1050 pipe-according ( UDS:DangerousObject.Multi.Generic ) - infected
12:20:20.0762 0x1050 Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
12:20:23.0501 0x1050 Object send P2P result: true
12:20:26.0149 0x1050 [ FBECD699FC49E72AEE1424338459AED9, B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251 ] C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
12:20:26.0149 0x1050 Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe. md5: FBECD699FC49E72AEE1424338459AED9, sha256: B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251
12:20:26.0149 0x1050 pipe-according - detected LockedFile.Multi.Generic ( 1 )
12:20:26.0150 0x1050 Detect turned to UDS exact due to KSN untrusted
12:20:26.0150 0x1050 pipe-according ( UDS:DangerousObject.Multi.Generic ) - infected
12:20:26.0150 0x1050 Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
12:20:29.0004 0x1050 Object send P2P result: true
12:20:31.0701 0x1050 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:20:31.0734 0x1050 Sidebar - ok
12:20:31.0735 0x1050 swg - ok
12:20:31.0752 0x1050 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.644 ), 0x40000 ( disabled : updated )
12:20:31.0754 0x1050 Win FW state via NFP2: enabled
12:20:34.0396 0x1050 ============================================================
12:20:34.0396 0x1050 Scan finished
12:20:34.0396 0x1050 ============================================================
12:20:34.0403 0x1b9c Detected object count: 3
12:20:34.0403 0x1b9c Actual detected object count: 3
12:29:59.0595 0x1b9c xlnsxpuw ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
12:29:59.0595 0x1b9c xlnsxpuw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
12:29:59.0597 0x1b9c pipe-according ( UDS:DangerousObject.Multi.Generic ) - skipped by user
12:29:59.0597 0x1b9c pipe-according ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
12:29:59.0599 0x1b9c pipe-according ( UDS:DangerousObject.Multi.Generic ) - skipped by user
12:29:59.0599 0x1b9c pipe-according ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
12:30:13.0293 0x1838 Deinitialize success
Viele Grüße ewo |
|
06.03.2015, 16:32
| #10 |
| /// the machine /// TB-Ausbilder | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Wenn kein Cure da ist bitte Delete wählen. 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.03.2015, 17:03
| #11 |
| | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Hallo schrauber, danke. Ich habe TDSSKiller laufen lassen und am Ende per Delete die gefundenen Objekte bearbeiten lassen. Dabei hat TDSSKiller zwei Logfiles erzeugt. Viele Grüße ewo Anbei beide Files: TDSSKiller.3.0.0.44_06.03.2015_16.44.21_log.txt Code:
ATTFilter 16:44:21.0751 0x07e4 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:44:26.0159 0x07e4 ============================================================
16:44:26.0159 0x07e4 Current date / time: 2015/03/06 16:44:26.0159
16:44:26.0159 0x07e4 SystemInfo:
16:44:26.0159 0x07e4
16:44:26.0159 0x07e4 OS Version: 6.1.7601 ServicePack: 1.0
16:44:26.0159 0x07e4 Product type: Workstation
16:44:26.0159 0x07e4 ComputerName: WOLF-PC
16:44:26.0159 0x07e4 UserName: Wolf
16:44:26.0159 0x07e4 Windows directory: C:\Windows
16:44:26.0159 0x07e4 System windows directory: C:\Windows
16:44:26.0159 0x07e4 Running under WOW64
16:44:26.0159 0x07e4 Processor architecture: Intel x64
16:44:26.0159 0x07e4 Number of processors: 8
16:44:26.0159 0x07e4 Page size: 0x1000
16:44:26.0159 0x07e4 Boot type: Normal boot
16:44:26.0159 0x07e4 ============================================================
16:44:33.0679 0x07e4 KLMD registered as C:\Windows\system32\drivers\80816533.sys
16:44:33.0759 0x07e4 System UUID: {88B87F8C-D652-A2BF-1E0B-C5F3C3E5E959}
16:44:34.0058 0x07e4 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
16:44:34.0068 0x07e4 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:44:34.0069 0x07e4 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:44:34.0080 0x07e4 ============================================================
16:44:34.0080 0x07e4 \Device\Harddisk2\DR2:
16:44:34.0080 0x07e4 MBR partitions:
16:44:34.0081 0x07e4 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:44:34.0081 0x07e4 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x746D3000
16:44:34.0081 0x07e4 \Device\Harddisk0\DR0:
16:44:34.0081 0x07e4 MBR partitions:
16:44:34.0081 0x07e4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
16:44:34.0081 0x07e4 \Device\Harddisk1\DR1:
16:44:34.0081 0x07e4 MBR partitions:
16:44:34.0081 0x07e4 ============================================================
16:44:34.0082 0x07e4 C: <-> \Device\Harddisk2\DR2\Partition2
16:44:34.0112 0x07e4 D: <-> \Device\Harddisk0\DR0\Partition1
16:44:34.0112 0x07e4 ============================================================
16:44:34.0112 0x07e4 Initialize success
16:44:34.0112 0x07e4 ============================================================
16:44:44.0456 0x0e08 ============================================================
16:44:44.0456 0x0e08 Scan started
16:44:44.0456 0x0e08 Mode: Manual; SigCheck; TDLFS;
16:44:44.0456 0x0e08 ============================================================
16:44:44.0456 0x0e08 KSN ping started
16:44:47.0100 0x0e08 KSN ping finished: true
16:44:48.0050 0x0e08 ================ Scan system memory ========================
16:44:48.0050 0x0e08 System memory - ok
16:44:48.0050 0x0e08 ================ Scan services =============================
16:44:48.0076 0x0e08 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
16:44:48.0112 0x0e08 1394ohci - ok
16:44:48.0125 0x0e08 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:44:48.0140 0x0e08 ACPI - ok
16:44:48.0143 0x0e08 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:44:48.0158 0x0e08 AcpiPmi - ok
16:44:48.0164 0x0e08 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:44:48.0172 0x0e08 AdobeARMservice - ok
16:44:48.0190 0x0e08 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:44:48.0202 0x0e08 AdobeFlashPlayerUpdateSvc - ok
16:44:48.0219 0x0e08 [ E280D3CE9196ED599ED3D6ACA651053B, 9D552A3C67D64A49BDD93BDF534949E9844F839B2F74A15F09A1586B7694C06C ] AdobeUpdateService C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
16:44:48.0240 0x0e08 AdobeUpdateService - ok
16:44:48.0253 0x0e08 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:44:48.0270 0x0e08 adp94xx - ok
16:44:48.0279 0x0e08 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:44:48.0293 0x0e08 adpahci - ok
16:44:48.0298 0x0e08 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:44:48.0309 0x0e08 adpu320 - ok
16:44:48.0314 0x0e08 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:44:48.0356 0x0e08 AeLookupSvc - ok
16:44:48.0368 0x0e08 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
16:44:48.0387 0x0e08 AFD - ok
16:44:48.0391 0x0e08 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
16:44:48.0399 0x0e08 agp440 - ok
16:44:48.0403 0x0e08 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
16:44:48.0413 0x0e08 ALG - ok
16:44:48.0415 0x0e08 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
16:44:48.0423 0x0e08 aliide - ok
16:44:48.0430 0x0e08 [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:44:48.0451 0x0e08 AMD External Events Utility - ok
16:44:48.0454 0x0e08 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
16:44:48.0462 0x0e08 amdide - ok
16:44:48.0465 0x0e08 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:44:48.0474 0x0e08 AmdK8 - ok
16:44:48.0715 0x0e08 [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:44:48.0974 0x0e08 amdkmdag - ok
16:44:48.0995 0x0e08 [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:44:49.0016 0x0e08 amdkmdap - ok
16:44:49.0019 0x0e08 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
16:44:49.0029 0x0e08 AmdPPM - ok
16:44:49.0033 0x0e08 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:44:49.0043 0x0e08 amdsata - ok
16:44:49.0048 0x0e08 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:44:49.0060 0x0e08 amdsbs - ok
16:44:49.0062 0x0e08 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:44:49.0070 0x0e08 amdxata - ok
16:44:49.0090 0x0e08 [ 35CCC725A117FD966ADFDE0FDF663C60, 282A07AA3D609E6978E6BF79EF0CDF3FE6A25CFAA433F9F2DD8710F2E4ED4BAA ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
16:44:49.0112 0x0e08 AntiVirMailService - ok
16:44:49.0122 0x0e08 [ B5975B61C97F4E47C129CDE76AFF84D4, 0494273946B6DEACC6C6F3AF70F90467A07CB127A5CBD223D4F3450A03C259C3 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:44:49.0136 0x0e08 AntiVirSchedulerService - ok
16:44:49.0146 0x0e08 [ B5975B61C97F4E47C129CDE76AFF84D4, 0494273946B6DEACC6C6F3AF70F90467A07CB127A5CBD223D4F3450A03C259C3 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:44:49.0159 0x0e08 AntiVirService - ok
16:44:49.0179 0x0e08 [ 90E78AD249819ED06951B5B7C0C010A5, 0C387514BAA3F413040E6A0A6F0BFEF12C63AA484AFC3C238A2677BA51661C5D ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
16:44:49.0202 0x0e08 AntiVirWebService - ok
16:44:49.0207 0x0e08 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
16:44:49.0255 0x0e08 AppID - ok
16:44:49.0259 0x0e08 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:44:49.0285 0x0e08 AppIDSvc - ok
16:44:49.0289 0x0e08 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
16:44:49.0299 0x0e08 Appinfo - ok
16:44:49.0303 0x0e08 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:44:49.0310 0x0e08 Apple Mobile Device - ok
16:44:49.0316 0x0e08 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
16:44:49.0328 0x0e08 AppMgmt - ok
16:44:49.0332 0x0e08 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
16:44:49.0341 0x0e08 arc - ok
16:44:49.0345 0x0e08 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:44:49.0354 0x0e08 arcsas - ok
16:44:49.0357 0x0e08 [ F6BDA026E4157DC4E321CA391E9D9BC6, D38774B8F812816DA43A0C52EEC566BBC44F57A6614BC84F1417C4227286B594 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
16:44:49.0368 0x0e08 AsIO - ok
16:44:49.0378 0x0e08 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:44:49.0388 0x0e08 aspnet_state - ok
16:44:49.0393 0x0e08 [ 954FFBFF05B0B60EB63B52AF561436C4, 40228A2B688E827815B5A567584FCF99BF661696DB8CC8BB455393B3CEE35094 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
16:44:49.0400 0x0e08 AsSysCtrlService - ok
16:44:49.0403 0x0e08 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:44:49.0425 0x0e08 AsyncMac - ok
16:44:49.0428 0x0e08 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
16:44:49.0436 0x0e08 atapi - ok
16:44:49.0441 0x0e08 [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:44:49.0451 0x0e08 AtiHDAudioService - ok
16:44:49.0465 0x0e08 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:44:49.0487 0x0e08 AudioEndpointBuilder - ok
16:44:49.0501 0x0e08 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:44:49.0520 0x0e08 AudioSrv - ok
16:44:49.0526 0x0e08 [ DC906FA273A82C48D1F2B633C8CFF2E7, AB9865FA691DA0F8C1A64140941834884EC01867DEBACAD90FC24F0E6AF654B0 ] auusb C:\Windows\system32\DRIVERS\auusb.sys
16:44:49.0537 0x0e08 auusb - ok
16:44:49.0541 0x0e08 [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
16:44:49.0550 0x0e08 avgntflt - ok
16:44:49.0555 0x0e08 [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
16:44:49.0564 0x0e08 avipbb - ok
16:44:49.0567 0x0e08 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
16:44:49.0574 0x0e08 avkmgr - ok
16:44:49.0577 0x0e08 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
16:44:49.0584 0x0e08 avnetflt - ok
16:44:49.0588 0x0e08 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:44:49.0607 0x0e08 AxInstSV - ok
16:44:49.0617 0x0e08 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:44:49.0635 0x0e08 b06bdrv - ok
16:44:49.0642 0x0e08 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:44:49.0655 0x0e08 b57nd60a - ok
16:44:49.0661 0x0e08 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
16:44:49.0672 0x0e08 BDESVC - ok
16:44:49.0674 0x0e08 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
16:44:49.0696 0x0e08 Beep - ok
16:44:49.0706 0x0e08 [ BE43A13207D6428947248AF7EE05E772, 4118288ECD13B77738070DC298A64732693EEF9679CCFA59FD523CCAACF6335B ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
16:44:49.0722 0x0e08 BEService - ok
16:44:49.0737 0x0e08 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
16:44:49.0759 0x0e08 BFE - ok
16:44:49.0763 0x0e08 [ 61CF05132598307F56547F027D6B4139, CB1794F37F5F93350C41A3A2F25E20C8A051D02F68A9B84D9429432601FBB3CD ] BioNTDrv C:\Program Files (x86)\Paragon Software\Festplatten Manager 12 Professional\program\BioNTDrv.SYS
16:44:49.0771 0x0e08 BioNTDrv - ok
16:44:49.0788 0x0e08 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
16:44:49.0826 0x0e08 BITS - ok
16:44:49.0830 0x0e08 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:44:49.0839 0x0e08 blbdrive - ok
16:44:49.0849 0x0e08 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:44:49.0864 0x0e08 Bonjour Service - ok
16:44:49.0868 0x0e08 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:44:49.0878 0x0e08 bowser - ok
16:44:49.0881 0x0e08 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
16:44:49.0891 0x0e08 BrFiltLo - ok
16:44:49.0893 0x0e08 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
16:44:49.0903 0x0e08 BrFiltUp - ok
16:44:49.0908 0x0e08 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
16:44:49.0919 0x0e08 Browser - ok
16:44:49.0927 0x0e08 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:44:49.0941 0x0e08 Brserid - ok
16:44:49.0945 0x0e08 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:44:49.0955 0x0e08 BrSerWdm - ok
16:44:49.0958 0x0e08 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:44:49.0968 0x0e08 BrUsbMdm - ok
16:44:49.0970 0x0e08 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:44:49.0978 0x0e08 BrUsbSer - ok
16:44:49.0982 0x0e08 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:44:49.0993 0x0e08 BTHMODEM - ok
16:44:49.0998 0x0e08 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
16:44:50.0022 0x0e08 bthserv - ok
16:44:50.0026 0x0e08 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:44:50.0050 0x0e08 cdfs - ok
16:44:50.0055 0x0e08 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:44:50.0066 0x0e08 cdrom - ok
16:44:50.0070 0x0e08 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
16:44:50.0093 0x0e08 CertPropSvc - ok
16:44:50.0096 0x0e08 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
16:44:50.0107 0x0e08 circlass - ok
16:44:50.0116 0x0e08 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
16:44:50.0130 0x0e08 CLFS - ok
16:44:50.0136 0x0e08 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:44:50.0145 0x0e08 clr_optimization_v2.0.50727_32 - ok
16:44:50.0150 0x0e08 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:44:50.0159 0x0e08 clr_optimization_v2.0.50727_64 - ok
16:44:50.0167 0x0e08 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:44:50.0178 0x0e08 clr_optimization_v4.0.30319_32 - ok
16:44:50.0182 0x0e08 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:44:50.0194 0x0e08 clr_optimization_v4.0.30319_64 - ok
16:44:50.0196 0x0e08 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
16:44:50.0205 0x0e08 CmBatt - ok
16:44:50.0207 0x0e08 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:44:50.0215 0x0e08 cmdide - ok
16:44:50.0226 0x0e08 [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG C:\Windows\system32\Drivers\cng.sys
16:44:50.0246 0x0e08 CNG - ok
16:44:50.0249 0x0e08 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:44:50.0257 0x0e08 Compbatt - ok
16:44:50.0260 0x0e08 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
16:44:50.0270 0x0e08 CompositeBus - ok
16:44:50.0273 0x0e08 COMSysApp - ok
16:44:50.0276 0x0e08 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:44:50.0284 0x0e08 crcdisk - ok
16:44:50.0290 0x0e08 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:44:50.0303 0x0e08 CryptSvc - ok
16:44:50.0315 0x0e08 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
16:44:50.0333 0x0e08 CSC - ok
16:44:50.0347 0x0e08 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
16:44:50.0368 0x0e08 CscService - ok
16:44:50.0381 0x0e08 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:44:50.0413 0x0e08 DcomLaunch - ok
16:44:50.0421 0x0e08 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
16:44:50.0449 0x0e08 defragsvc - ok
16:44:50.0453 0x0e08 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:44:50.0477 0x0e08 DfsC - ok
16:44:50.0485 0x0e08 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:44:50.0500 0x0e08 Dhcp - ok
16:44:50.0503 0x0e08 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
16:44:50.0526 0x0e08 discache - ok
16:44:50.0530 0x0e08 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
16:44:50.0539 0x0e08 Disk - ok
16:44:50.0542 0x0e08 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
16:44:50.0559 0x0e08 dmvsc - ok
16:44:50.0564 0x0e08 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:44:50.0576 0x0e08 Dnscache - ok
16:44:50.0583 0x0e08 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
16:44:50.0610 0x0e08 dot3svc - ok
16:44:50.0615 0x0e08 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
16:44:50.0640 0x0e08 DPS - ok
16:44:50.0642 0x0e08 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:44:50.0651 0x0e08 drmkaud - ok
16:44:50.0670 0x0e08 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:44:50.0696 0x0e08 DXGKrnl - ok
16:44:50.0701 0x0e08 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
16:44:50.0726 0x0e08 EapHost - ok
16:44:50.0784 0x0e08 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:44:50.0856 0x0e08 ebdrv - ok
16:44:50.0862 0x0e08 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\Windows\System32\lsass.exe
16:44:50.0871 0x0e08 EFS - ok
16:44:50.0886 0x0e08 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:44:50.0910 0x0e08 ehRecvr - ok
16:44:50.0914 0x0e08 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
16:44:50.0925 0x0e08 ehSched - ok
16:44:50.0936 0x0e08 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:44:50.0954 0x0e08 elxstor - ok
16:44:50.0957 0x0e08 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:44:50.0966 0x0e08 ErrDev - ok
16:44:50.0977 0x0e08 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:44:51.0008 0x0e08 EventSystem - ok
16:44:51.0010 0x0e08 ewusbmbb - ok
16:44:51.0014 0x0e08 ew_usbenumfilter - ok
16:44:51.0020 0x0e08 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:44:51.0046 0x0e08 exfat - ok
16:44:51.0052 0x0e08 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:44:51.0079 0x0e08 fastfat - ok
16:44:51.0093 0x0e08 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:44:51.0115 0x0e08 Fax - ok
16:44:51.0119 0x0e08 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
16:44:51.0128 0x0e08 fdc - ok
16:44:51.0130 0x0e08 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:44:51.0153 0x0e08 fdPHost - ok
16:44:51.0156 0x0e08 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:44:51.0179 0x0e08 FDResPub - ok
16:44:51.0183 0x0e08 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:44:51.0192 0x0e08 FileInfo - ok
16:44:51.0195 0x0e08 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:44:51.0218 0x0e08 Filetrace - ok
16:44:51.0231 0x0e08 [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:44:51.0249 0x0e08 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
16:44:53.0859 0x0e08 Detect skipped due to KSN trusted
16:44:53.0859 0x0e08 FLEXnet Licensing Service - ok
16:44:53.0864 0x0e08 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
16:44:53.0879 0x0e08 flpydisk - ok
16:44:53.0891 0x0e08 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:44:53.0906 0x0e08 FltMgr - ok
16:44:53.0928 0x0e08 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
16:44:53.0960 0x0e08 FontCache - ok
16:44:53.0964 0x0e08 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:44:53.0972 0x0e08 FontCache3.0.0.0 - ok
16:44:53.0975 0x0e08 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:44:53.0984 0x0e08 FsDepends - ok
16:44:53.0987 0x0e08 [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
16:44:53.0997 0x0e08 fssfltr - ok
16:44:54.0025 0x0e08 [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:44:54.0063 0x0e08 fsssvc - ok
16:44:54.0067 0x0e08 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:44:54.0075 0x0e08 Fs_Rec - ok
16:44:54.0079 0x0e08 [ FA169871D8FADCC6539C4E8726610286, 14BF1C5225BD736C686FAC6393050BCFC5C43BC9557A78901CC98BC446A3894D ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
16:44:54.0085 0x0e08 FTDIBUS - ok
16:44:54.0091 0x0e08 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:44:54.0105 0x0e08 fvevol - ok
16:44:54.0109 0x0e08 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:44:54.0118 0x0e08 gagp30kx - ok
16:44:54.0121 0x0e08 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GearAspiWDM C:\Windows\system32\drivers\GEARAspiWDM.sys
16:44:54.0127 0x0e08 GearAspiWDM - ok
16:44:54.0148 0x0e08 [ 4DF4ABCA09AF1530D712FA589CE3BE9F, 573C04358BBAEAEDFDC4F265627E8029295C31BB17C13B428D5694119AECEDAD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:44:54.0178 0x0e08 GfExperienceService - ok
16:44:54.0182 0x0e08 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F, 6D2B301E77839FFF1C74425B37D02C3F3837CE50E856C21AE4CF7ABABB04ADDC ] GoogleDesktopManager-051210-111108 C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
16:44:54.0189 0x0e08 GoogleDesktopManager-051210-111108 - ok
16:44:54.0204 0x0e08 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:44:54.0242 0x0e08 gpsvc - ok
16:44:54.0246 0x0e08 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:44:54.0253 0x0e08 gupdate - ok
16:44:54.0257 0x0e08 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:44:54.0264 0x0e08 gupdatem - ok
16:44:54.0267 0x0e08 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:44:54.0276 0x0e08 hcw85cir - ok
16:44:54.0285 0x0e08 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:44:54.0301 0x0e08 HdAudAddService - ok
16:44:54.0306 0x0e08 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:44:54.0318 0x0e08 HDAudBus - ok
16:44:54.0321 0x0e08 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
16:44:54.0329 0x0e08 HidBatt - ok
16:44:54.0333 0x0e08 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:44:54.0345 0x0e08 HidBth - ok
16:44:54.0348 0x0e08 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
16:44:54.0358 0x0e08 HidIr - ok
16:44:54.0361 0x0e08 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
16:44:54.0385 0x0e08 hidserv - ok
16:44:54.0388 0x0e08 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:44:54.0397 0x0e08 HidUsb - ok
16:44:54.0400 0x0e08 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:44:54.0424 0x0e08 hkmsvc - ok
16:44:54.0431 0x0e08 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:44:54.0444 0x0e08 HomeGroupListener - ok
16:44:54.0449 0x0e08 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:44:54.0461 0x0e08 HomeGroupProvider - ok
16:44:54.0465 0x0e08 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:44:54.0474 0x0e08 HpSAMD - ok
16:44:54.0489 0x0e08 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:44:54.0525 0x0e08 HTTP - ok
16:44:54.0528 0x0e08 huawei_enumerator - ok
16:44:54.0531 0x0e08 hwdatacard - ok
16:44:54.0534 0x0e08 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:44:54.0542 0x0e08 hwpolicy - ok
16:44:54.0547 0x0e08 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:44:54.0557 0x0e08 i8042prt - ok
16:44:54.0566 0x0e08 [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:44:54.0579 0x0e08 IAANTMON - ok
16:44:54.0589 0x0e08 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:44:54.0601 0x0e08 iaStor - ok
16:44:54.0611 0x0e08 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:44:54.0626 0x0e08 iaStorV - ok
16:44:54.0643 0x0e08 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:44:54.0668 0x0e08 idsvc - ok
16:44:54.0671 0x0e08 IEEtwCollectorService - ok
16:44:54.0675 0x0e08 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:44:54.0683 0x0e08 iirsp - ok
16:44:54.0700 0x0e08 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:44:54.0724 0x0e08 IKEEXT - ok
16:44:54.0763 0x0e08 [ 49A81307E807C0EAAD6510589DD92A3D, 8808652FA2F190274F624111F2CA49E1394E965A2724FC29277E5F80F825D115 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:44:54.0808 0x0e08 IntcAzAudAddService - ok
16:44:54.0813 0x0e08 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:44:54.0821 0x0e08 intelide - ok
16:44:54.0824 0x0e08 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:44:54.0833 0x0e08 intelppm - ok
16:44:54.0837 0x0e08 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:44:54.0861 0x0e08 IPBusEnum - ok
16:44:54.0865 0x0e08 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:44:54.0889 0x0e08 IpFilterDriver - ok
16:44:54.0901 0x0e08 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:44:54.0920 0x0e08 iphlpsvc - ok
16:44:54.0924 0x0e08 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:44:54.0934 0x0e08 IPMIDRV - ok
16:44:54.0939 0x0e08 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:44:54.0963 0x0e08 IPNAT - ok
16:44:54.0976 0x0e08 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:44:54.0994 0x0e08 iPod Service - ok
16:44:54.0998 0x0e08 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:44:55.0009 0x0e08 IRENUM - ok
16:44:55.0012 0x0e08 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:44:55.0020 0x0e08 isapnp - ok
16:44:55.0027 0x0e08 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:44:55.0040 0x0e08 iScsiPrt - ok
16:44:55.0043 0x0e08 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:44:55.0052 0x0e08 kbdclass - ok
16:44:55.0054 0x0e08 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:44:55.0063 0x0e08 kbdhid - ok
16:44:55.0066 0x0e08 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso C:\Windows\system32\lsass.exe
16:44:55.0074 0x0e08 KeyIso - ok
16:44:55.0078 0x0e08 [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:44:55.0087 0x0e08 KSecDD - ok
16:44:55.0092 0x0e08 [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:44:55.0102 0x0e08 KSecPkg - ok
16:44:55.0105 0x0e08 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:44:55.0128 0x0e08 ksthunk - ok
16:44:55.0136 0x0e08 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:44:55.0167 0x0e08 KtmRm - ok
16:44:55.0176 0x0e08 [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
16:44:55.0190 0x0e08 LADF_CaptureOnly - ok
16:44:55.0195 0x0e08 [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
16:44:55.0202 0x0e08 LADF_RenderOnly - ok
16:44:55.0209 0x0e08 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
16:44:55.0235 0x0e08 LanmanServer - ok
16:44:55.0240 0x0e08 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:44:55.0265 0x0e08 LanmanWorkstation - ok
16:44:55.0274 0x0e08 [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
16:44:55.0287 0x0e08 LBTServ - ok
16:44:55.0292 0x0e08 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
16:44:55.0298 0x0e08 LGBusEnum - ok
16:44:55.0302 0x0e08 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
16:44:55.0308 0x0e08 LGSHidFilt - ok
16:44:55.0311 0x0e08 [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
16:44:55.0317 0x0e08 LGSUsbFilt - ok
16:44:55.0320 0x0e08 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
16:44:55.0326 0x0e08 LGVirHid - ok
16:44:55.0329 0x0e08 [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:44:55.0336 0x0e08 LHidFilt - ok
16:44:55.0339 0x0e08 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:44:55.0363 0x0e08 lltdio - ok
16:44:55.0371 0x0e08 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:44:55.0399 0x0e08 lltdsvc - ok
16:44:55.0402 0x0e08 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:44:55.0425 0x0e08 lmhosts - ok
16:44:55.0428 0x0e08 [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
16:44:55.0436 0x0e08 LMouFilt - ok
16:44:55.0441 0x0e08 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:44:55.0451 0x0e08 LSI_FC - ok
16:44:55.0455 0x0e08 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:44:55.0464 0x0e08 LSI_SAS - ok
16:44:55.0467 0x0e08 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:44:55.0476 0x0e08 LSI_SAS2 - ok
16:44:55.0480 0x0e08 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:44:55.0490 0x0e08 LSI_SCSI - ok
16:44:55.0494 0x0e08 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:44:55.0519 0x0e08 luafv - ok
16:44:55.0522 0x0e08 [ 29C733E1DE824670DC9315CFC9BDBCD3, 8CFC987FEB174D91E415DEC89437D31D7AA5F6B7685641372EF26790E1444610 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
16:44:55.0529 0x0e08 LUsbFilt - ok
16:44:55.0531 0x0e08 MBAMSwissArmy - ok
16:44:55.0536 0x0e08 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:44:55.0546 0x0e08 Mcx2Svc - ok
16:44:55.0553 0x0e08 [ B0174BBFB541B9BED3FE552C4BF93A9E, FB7EE7E221B542054DD1EF63687BDCFF32954B8D57135A0F33B8EEE5CC0CC069 ] MDES C:\ASUS.SYS\CONFIG\DVMExportService.exe
16:44:55.0562 0x0e08 MDES - detected UnsignedFile.Multi.Generic ( 1 )
16:44:58.0172 0x0e08 Detect skipped due to KSN trusted
16:44:58.0172 0x0e08 MDES - ok
16:44:58.0177 0x0e08 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
16:44:58.0192 0x0e08 megasas - ok
16:44:58.0205 0x0e08 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
16:44:58.0222 0x0e08 MegaSR - ok
16:44:58.0226 0x0e08 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:44:58.0250 0x0e08 MMCSS - ok
16:44:58.0253 0x0e08 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:44:58.0276 0x0e08 Modem - ok
16:44:58.0279 0x0e08 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:44:58.0289 0x0e08 monitor - ok
16:44:58.0292 0x0e08 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:44:58.0301 0x0e08 mouclass - ok
16:44:58.0304 0x0e08 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:44:58.0312 0x0e08 mouhid - ok
16:44:58.0316 0x0e08 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:44:58.0325 0x0e08 mountmgr - ok
16:44:58.0330 0x0e08 [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:44:58.0340 0x0e08 MozillaMaintenance - ok
16:44:58.0345 0x0e08 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:44:58.0355 0x0e08 mpio - ok
16:44:58.0359 0x0e08 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:44:58.0382 0x0e08 mpsdrv - ok
16:44:58.0399 0x0e08 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:44:58.0437 0x0e08 MpsSvc - ok
16:44:58.0442 0x0e08 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:44:58.0453 0x0e08 MRxDAV - ok
16:44:58.0458 0x0e08 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:44:58.0470 0x0e08 mrxsmb - ok
16:44:58.0477 0x0e08 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:44:58.0490 0x0e08 mrxsmb10 - ok
16:44:58.0495 0x0e08 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:44:58.0505 0x0e08 mrxsmb20 - ok
16:44:58.0508 0x0e08 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:44:58.0516 0x0e08 msahci - ok
16:44:58.0521 0x0e08 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:44:58.0531 0x0e08 msdsm - ok
16:44:58.0536 0x0e08 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:44:58.0547 0x0e08 MSDTC - ok
16:44:58.0552 0x0e08 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:44:58.0575 0x0e08 Msfs - ok
16:44:58.0578 0x0e08 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:44:58.0600 0x0e08 mshidkmdf - ok
16:44:58.0603 0x0e08 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:44:58.0611 0x0e08 msisadrv - ok
16:44:58.0616 0x0e08 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:44:58.0641 0x0e08 MSiSCSI - ok
16:44:58.0644 0x0e08 msiserver - ok
16:44:58.0646 0x0e08 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:44:58.0669 0x0e08 MSKSSRV - ok
16:44:58.0671 0x0e08 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:44:58.0694 0x0e08 MSPCLOCK - ok
16:44:58.0696 0x0e08 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:44:58.0719 0x0e08 MSPQM - ok
16:44:58.0727 0x0e08 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:44:58.0742 0x0e08 MsRPC - ok
16:44:58.0746 0x0e08 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:44:58.0754 0x0e08 mssmbios - ok
16:44:58.0756 0x0e08 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:44:58.0779 0x0e08 MSTEE - ok
16:44:58.0782 0x0e08 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
16:44:58.0790 0x0e08 MTConfig - ok
16:44:58.0793 0x0e08 [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
16:44:58.0799 0x0e08 MTsensor - ok
16:44:58.0802 0x0e08 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:44:58.0811 0x0e08 Mup - ok
16:44:58.0818 0x0e08 [ 19CBAAB0B1F214AF834EDD9256F55977, 25C992B6A8E4936A07CBAE7BF247960470A5CD2276E366BFC16ABAD7E338B0AD ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys
16:44:58.0828 0x0e08 mv91xx - ok
16:44:58.0839 0x0e08 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:44:58.0871 0x0e08 napagent - ok
16:44:58.0879 0x0e08 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:44:58.0896 0x0e08 NativeWifiP - ok
16:44:58.0916 0x0e08 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:44:58.0941 0x0e08 NDIS - ok
16:44:58.0945 0x0e08 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:44:58.0968 0x0e08 NdisCap - ok
16:44:58.0971 0x0e08 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:44:58.0994 0x0e08 NdisTapi - ok
16:44:58.0997 0x0e08 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:44:59.0020 0x0e08 Ndisuio - ok
16:44:59.0025 0x0e08 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:44:59.0050 0x0e08 NdisWan - ok
16:44:59.0054 0x0e08 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:44:59.0076 0x0e08 NDProxy - ok
16:44:59.0079 0x0e08 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:44:59.0102 0x0e08 NetBIOS - ok
16:44:59.0109 0x0e08 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:44:59.0136 0x0e08 NetBT - ok
16:44:59.0139 0x0e08 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon C:\Windows\system32\lsass.exe
16:44:59.0147 0x0e08 Netlogon - ok
16:44:59.0155 0x0e08 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:44:59.0185 0x0e08 Netman - ok
16:44:59.0190 0x0e08 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:44:59.0201 0x0e08 NetMsmqActivator - ok
16:44:59.0205 0x0e08 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:44:59.0216 0x0e08 NetPipeActivator - ok
16:44:59.0227 0x0e08 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:44:59.0258 0x0e08 netprofm - ok
16:44:59.0263 0x0e08 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:44:59.0274 0x0e08 NetTcpActivator - ok
16:44:59.0279 0x0e08 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:44:59.0289 0x0e08 NetTcpPortSharing - ok
16:44:59.0293 0x0e08 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:44:59.0301 0x0e08 nfrd960 - ok
16:44:59.0309 0x0e08 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:44:59.0323 0x0e08 NlaSvc - ok
16:44:59.0329 0x0e08 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:44:59.0352 0x0e08 Npfs - ok
16:44:59.0355 0x0e08 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:44:59.0378 0x0e08 nsi - ok
16:44:59.0381 0x0e08 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:44:59.0404 0x0e08 nsiproxy - ok
16:44:59.0437 0x0e08 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:44:59.0477 0x0e08 Ntfs - ok
16:44:59.0481 0x0e08 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:44:59.0503 0x0e08 Null - ok
16:44:59.0507 0x0e08 [ 8EBCB9165EE7F1571842F4D9D624A74C, 115F46B8391866762AD41B299F0670D8735D124BD518A53EC73DCDBFCA9C28F9 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
16:44:59.0516 0x0e08 nusb3hub - ok
16:44:59.0521 0x0e08 [ 5D54DBB12BBFE07CC283FD39F2CD6D63, 3DC3F9121F8892EDABD07ACDE45DB025BA2FC4245A8D3EE343F1FDF7189B391F ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:44:59.0531 0x0e08 nusb3xhc - ok
16:44:59.0537 0x0e08 [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:44:59.0547 0x0e08 NVHDA - ok
16:44:59.0724 0x0e08 [ 3B99271224C43ADAB5A7F8D4B574AE3F, 931B011EA7796C61922D892C11D880BCC0383FCECABC4F4855AF89BA20B9B01B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:44:59.0931 0x0e08 nvlddmkm - ok
16:44:59.0971 0x0e08 [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:45:00.0010 0x0e08 NvNetworkService - ok
16:45:00.0015 0x0e08 [ 30458B18AEA941B1FD3A6A076BE95A71, F3B36E52D63939A89658073E1DEFFCD050EF9B39F643771E846737915012D5FB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
16:45:00.0022 0x0e08 nvpciflt - ok
16:45:00.0027 0x0e08 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:45:00.0038 0x0e08 nvraid - ok
16:45:00.0043 0x0e08 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:45:00.0054 0x0e08 nvstor - ok
16:45:00.0057 0x0e08 [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:45:00.0063 0x0e08 NvStreamKms - ok
16:45:00.0065 0x0e08 NvStreamSvc - ok
16:45:00.0084 0x0e08 [ 97ADEBE576474D4CEC53F8E06590FFC8, 2CC8587AAB595D7621AA57A33D94789BD9DC6DBFB4FA9BDEFBB425B7ACCB65AB ] nvsvc C:\Windows\system32\nvvsvc.exe
16:45:00.0109 0x0e08 nvsvc - ok
16:45:00.0113 0x0e08 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:45:00.0120 0x0e08 nvvad_WaveExtensible - ok
16:45:00.0124 0x0e08 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:45:00.0134 0x0e08 nv_agp - ok
16:45:00.0137 0x0e08 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:45:00.0147 0x0e08 ohci1394 - ok
16:45:00.0151 0x0e08 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:45:00.0160 0x0e08 ose - ok
16:45:00.0246 0x0e08 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:45:00.0347 0x0e08 osppsvc - ok
16:45:00.0359 0x0e08 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:45:00.0375 0x0e08 p2pimsvc - ok
16:45:00.0385 0x0e08 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:45:00.0402 0x0e08 p2psvc - ok
16:45:00.0406 0x0e08 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
16:45:00.0416 0x0e08 Parport - ok
16:45:00.0419 0x0e08 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:45:00.0428 0x0e08 partmgr - ok
16:45:00.0434 0x0e08 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
16:45:00.0449 0x0e08 PcaSvc - ok
16:45:00.0455 0x0e08 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
16:45:00.0465 0x0e08 pci - ok
16:45:00.0468 0x0e08 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:45:00.0476 0x0e08 pciide - ok
16:45:00.0482 0x0e08 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:45:00.0493 0x0e08 pcmcia - ok
16:45:00.0497 0x0e08 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:45:00.0505 0x0e08 pcw - ok
16:45:00.0518 0x0e08 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:45:00.0553 0x0e08 PEAUTH - ok
16:45:00.0579 0x0e08 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:45:00.0614 0x0e08 PeerDistSvc - ok
16:45:00.0630 0x0e08 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:45:00.0639 0x0e08 PerfHost - ok
16:45:00.0673 0x0e08 [ 1E81496AFF9D7FA2B4C4032B746DE5B9, C4FEFE1A03EBD6BBB67D22461B67F5D080A32D75A58B5A48F3FE68D306B6D8DA ] Ph3xIB64 C:\Windows\system32\DRIVERS\Ph3xIB64.sys
16:45:00.0712 0x0e08 Ph3xIB64 - ok
16:45:00.0739 0x0e08 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:45:00.0789 0x0e08 pla - ok
16:45:00.0799 0x0e08 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:45:00.0816 0x0e08 PlugPlay - ok
16:45:00.0818 0x0e08 PnkBstrA - ok
16:45:00.0821 0x0e08 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:45:00.0830 0x0e08 PNRPAutoReg - ok
16:45:00.0838 0x0e08 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:45:00.0851 0x0e08 PNRPsvc - ok
16:45:00.0862 0x0e08 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:45:00.0894 0x0e08 PolicyAgent - ok
16:45:00.0901 0x0e08 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:45:00.0927 0x0e08 Power - ok
16:45:00.0931 0x0e08 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:45:00.0955 0x0e08 PptpMiniport - ok
16:45:00.0959 0x0e08 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
16:45:00.0968 0x0e08 Processor - ok
16:45:00.0975 0x0e08 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
16:45:00.0987 0x0e08 ProfSvc - ok
16:45:00.0990 0x0e08 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:45:00.0999 0x0e08 ProtectedStorage - ok
16:45:01.0003 0x0e08 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:45:01.0027 0x0e08 Psched - ok
16:45:01.0031 0x0e08 [ A6BF0A9B5A30D743623CA0D3BE35DF05, 0AA2DAE7ADC38F4197548DE174D551A0CF9281D2680B07E6C84914CA199C0661 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
16:45:01.0038 0x0e08 PxHlpa64 - ok
16:45:01.0066 0x0e08 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:45:01.0103 0x0e08 ql2300 - ok
16:45:01.0109 0x0e08 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:45:01.0119 0x0e08 ql40xx - ok
16:45:01.0126 0x0e08 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:45:01.0142 0x0e08 QWAVE - ok
16:45:01.0145 0x0e08 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:45:01.0157 0x0e08 QWAVEdrv - ok
16:45:01.0160 0x0e08 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:45:01.0183 0x0e08 RasAcd - ok
16:45:01.0186 0x0e08 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:45:01.0210 0x0e08 RasAgileVpn - ok
16:45:01.0214 0x0e08 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
16:45:01.0239 0x0e08 RasAuto - ok
16:45:01.0244 0x0e08 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:45:01.0268 0x0e08 Rasl2tp - ok
16:45:01.0276 0x0e08 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
16:45:01.0305 0x0e08 RasMan - ok
16:45:01.0309 0x0e08 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:45:01.0333 0x0e08 RasPppoe - ok
16:45:01.0337 0x0e08 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:45:01.0361 0x0e08 RasSstp - ok
16:45:01.0369 0x0e08 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:45:01.0396 0x0e08 rdbss - ok
16:45:01.0399 0x0e08 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:45:01.0409 0x0e08 rdpbus - ok
16:45:01.0412 0x0e08 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:45:01.0434 0x0e08 RDPCDD - ok
16:45:01.0441 0x0e08 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:45:01.0452 0x0e08 RDPDR - ok
16:45:01.0455 0x0e08 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:45:01.0477 0x0e08 RDPENCDD - ok
16:45:01.0481 0x0e08 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:45:01.0503 0x0e08 RDPREFMP - ok
16:45:01.0507 0x0e08 [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:45:01.0517 0x0e08 RdpVideoMiniport - ok
16:45:01.0523 0x0e08 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:45:01.0536 0x0e08 RDPWD - ok
16:45:01.0542 0x0e08 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:45:01.0553 0x0e08 rdyboost - ok
16:45:01.0557 0x0e08 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:45:01.0582 0x0e08 RemoteAccess - ok
16:45:01.0588 0x0e08 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:45:01.0628 0x0e08 RemoteRegistry - ok
16:45:01.0632 0x0e08 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:45:01.0656 0x0e08 RpcEptMapper - ok
16:45:01.0659 0x0e08 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
16:45:01.0667 0x0e08 RpcLocator - ok
16:45:01.0678 0x0e08 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
16:45:01.0709 0x0e08 RpcSs - ok
16:45:01.0713 0x0e08 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:45:01.0737 0x0e08 rspndr - ok
16:45:01.0740 0x0e08 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:45:01.0747 0x0e08 s3cap - ok
16:45:01.0750 0x0e08 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe
16:45:01.0758 0x0e08 SamSs - ok
16:45:01.0762 0x0e08 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:45:01.0771 0x0e08 sbp2port - ok
16:45:01.0777 0x0e08 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:45:01.0804 0x0e08 SCardSvr - ok
16:45:01.0807 0x0e08 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:45:01.0829 0x0e08 scfilter - ok
16:45:01.0850 0x0e08 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
16:45:01.0894 0x0e08 Schedule - ok
16:45:01.0899 0x0e08 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:45:01.0921 0x0e08 SCPolicySvc - ok
16:45:01.0927 0x0e08 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:45:01.0939 0x0e08 SDRSVC - ok
16:45:01.0971 0x0e08 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
16:45:02.0011 0x0e08 SDScannerService - ok
16:45:02.0049 0x0e08 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
16:45:02.0095 0x0e08 SDUpdateService - ok
16:45:02.0102 0x0e08 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
16:45:02.0112 0x0e08 SDWSCService - ok
16:45:02.0115 0x0e08 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:45:02.0138 0x0e08 secdrv - ok
16:45:02.0141 0x0e08 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
16:45:02.0164 0x0e08 seclogon - ok
16:45:02.0168 0x0e08 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
16:45:02.0192 0x0e08 SENS - ok
16:45:02.0195 0x0e08 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:45:02.0205 0x0e08 SensrSvc - ok
16:45:02.0208 0x0e08 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:45:02.0217 0x0e08 Serenum - ok
16:45:02.0221 0x0e08 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
16:45:02.0230 0x0e08 Serial - ok
16:45:02.0233 0x0e08 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:45:02.0242 0x0e08 sermouse - ok
16:45:02.0249 0x0e08 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:45:02.0274 0x0e08 SessionEnv - ok
16:45:02.0277 0x0e08 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:45:02.0287 0x0e08 sffdisk - ok
16:45:02.0289 0x0e08 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:45:02.0299 0x0e08 sffp_mmc - ok
16:45:02.0302 0x0e08 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:45:02.0312 0x0e08 sffp_sd - ok
16:45:02.0314 0x0e08 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:45:02.0323 0x0e08 sfloppy - ok
16:45:02.0331 0x0e08 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:45:02.0361 0x0e08 SharedAccess - ok
16:45:02.0370 0x0e08 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:45:02.0399 0x0e08 ShellHWDetection - ok
16:45:02.0402 0x0e08 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:45:02.0410 0x0e08 SiSRaid2 - ok
16:45:02.0414 0x0e08 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:45:02.0423 0x0e08 SiSRaid4 - ok
16:45:02.0427 0x0e08 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:45:02.0451 0x0e08 Smb - ok
16:45:02.0456 0x0e08 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:45:02.0465 0x0e08 SNMPTRAP - ok
16:45:02.0468 0x0e08 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:45:02.0476 0x0e08 spldr - ok
16:45:02.0488 0x0e08 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
16:45:02.0508 0x0e08 Spooler - ok
16:45:02.0570 0x0e08 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:45:02.0661 0x0e08 sppsvc - ok
16:45:02.0668 0x0e08 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:45:02.0692 0x0e08 sppuinotify - ok
16:45:02.0702 0x0e08 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:45:02.0720 0x0e08 srv - ok
16:45:02.0729 0x0e08 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:45:02.0745 0x0e08 srv2 - ok
16:45:02.0750 0x0e08 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:45:02.0761 0x0e08 srvnet - ok
16:45:02.0767 0x0e08 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:45:02.0794 0x0e08 SSDPSRV - ok
16:45:02.0798 0x0e08 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:45:02.0822 0x0e08 SstpSvc - ok
16:45:02.0824 0x0e08 StarOpen - ok
16:45:02.0841 0x0e08 [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:45:02.0863 0x0e08 Steam Client Service - ok
16:45:02.0873 0x0e08 [ 49B1E5AF3AA400752A20BE169CB73DFA, D990BC79B289912EB07F3FD50F1236C593A45C5E9B7BD8162269687258E07CE2 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:45:02.0887 0x0e08 Stereo Service - ok
16:45:02.0890 0x0e08 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:45:02.0898 0x0e08 stexstor - ok
16:45:02.0901 0x0e08 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
16:45:02.0909 0x0e08 StillCam - ok
16:45:02.0921 0x0e08 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:45:02.0944 0x0e08 stisvc - ok
16:45:02.0948 0x0e08 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:45:02.0957 0x0e08 storflt - ok
16:45:02.0959 0x0e08 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:45:02.0967 0x0e08 storvsc - ok
16:45:02.0970 0x0e08 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:45:02.0978 0x0e08 swenum - ok
16:45:02.0990 0x0e08 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:45:03.0006 0x0e08 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
16:45:05.0815 0x0e08 Detect skipped due to KSN trusted
16:45:05.0815 0x0e08 SwitchBoard - ok
16:45:05.0835 0x0e08 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:45:05.0881 0x0e08 swprv - ok
16:45:05.0886 0x0e08 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
16:45:05.0895 0x0e08 Synth3dVsc - ok
16:45:05.0927 0x0e08 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
16:45:05.0972 0x0e08 SysMain - ok
16:45:05.0978 0x0e08 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:45:05.0992 0x0e08 TabletInputService - ok
16:45:06.0000 0x0e08 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:45:06.0028 0x0e08 TapiSrv - ok
16:45:06.0032 0x0e08 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
16:45:06.0057 0x0e08 TBS - ok
16:45:06.0091 0x0e08 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:45:06.0135 0x0e08 Tcpip - ok
16:45:06.0172 0x0e08 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:45:06.0211 0x0e08 TCPIP6 - ok
16:45:06.0217 0x0e08 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:45:06.0226 0x0e08 tcpipreg - ok
16:45:06.0230 0x0e08 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:45:06.0238 0x0e08 TDPIPE - ok
16:45:06.0241 0x0e08 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:45:06.0249 0x0e08 TDTCP - ok
16:45:06.0253 0x0e08 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:45:06.0263 0x0e08 tdx - ok
16:45:06.0267 0x0e08 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:45:06.0276 0x0e08 TermDD - ok
16:45:06.0279 0x0e08 [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt C:\Windows\system32\drivers\terminpt.sys
16:45:06.0287 0x0e08 terminpt - ok
16:45:06.0301 0x0e08 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
16:45:06.0323 0x0e08 TermService - ok
16:45:06.0326 0x0e08 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:45:06.0339 0x0e08 Themes - ok
16:45:06.0342 0x0e08 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:45:06.0366 0x0e08 THREADORDER - ok
16:45:06.0370 0x0e08 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:45:06.0396 0x0e08 TrkWks - ok
16:45:06.0401 0x0e08 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:45:06.0427 0x0e08 TrustedInstaller - ok
16:45:06.0431 0x0e08 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:45:06.0440 0x0e08 tssecsrv - ok
16:45:06.0443 0x0e08 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:45:06.0452 0x0e08 TsUsbFlt - ok
16:45:06.0455 0x0e08 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
16:45:06.0463 0x0e08 TsUsbGD - ok
16:45:06.0467 0x0e08 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
16:45:06.0477 0x0e08 tsusbhub - ok
16:45:06.0481 0x0e08 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:45:06.0505 0x0e08 tunnel - ok
16:45:06.0509 0x0e08 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:45:06.0518 0x0e08 uagp35 - ok
16:45:06.0526 0x0e08 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:45:06.0554 0x0e08 udfs - ok
16:45:06.0559 0x0e08 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:45:06.0569 0x0e08 UI0Detect - ok
16:45:06.0575 0x0e08 [ FDB805B2749DACE784BD05125979B478, EEED5D51841C719E9E3A6D0F373418695AA56C248AAA3279F04B6C078407D610 ] uigxrdr C:\Windows\system32\DRIVERS\uigxrdr.sys
16:45:06.0585 0x0e08 uigxrdr - ok
16:45:06.0589 0x0e08 [ 6D5E0269F2B97011800B788ACCF2EAF6, 1F1B0B161BC85F04863FA4383FCC9A1AAAD939394D39D02F061FA7F314719233 ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys
16:45:06.0597 0x0e08 UimBus - ok
16:45:06.0611 0x0e08 [ A30AC921D38E6F3EACFF0D0FF5510F1A, 1888455F4B42A0D183F26B8A1C68E2D6DCB2C5F47B4C6E59B0EA568971510D03 ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys
16:45:06.0629 0x0e08 Uim_IM - ok
16:45:06.0633 0x0e08 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:45:06.0642 0x0e08 uliagpkx - ok
16:45:06.0645 0x0e08 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:45:06.0653 0x0e08 umbus - ok
16:45:06.0656 0x0e08 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
16:45:06.0664 0x0e08 UmPass - ok
16:45:06.0670 0x0e08 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
16:45:06.0683 0x0e08 UmRdpService - ok
16:45:06.0691 0x0e08 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:45:06.0721 0x0e08 upnphost - ok
16:45:06.0725 0x0e08 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:45:06.0728 0x0e08 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
16:45:09.0340 0x0e08 Detect skipped due to KSN trusted
16:45:09.0340 0x0e08 USBAAPL64 - ok
16:45:09.0347 0x0e08 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:45:09.0365 0x0e08 usbaudio - ok
16:45:09.0372 0x0e08 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:45:09.0383 0x0e08 usbccgp - ok
16:45:09.0387 0x0e08 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:45:09.0397 0x0e08 usbcir - ok
16:45:09.0400 0x0e08 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:45:09.0409 0x0e08 usbehci - ok
16:45:09.0417 0x0e08 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:45:09.0432 0x0e08 usbhub - ok
16:45:09.0435 0x0e08 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:45:09.0443 0x0e08 usbohci - ok
16:45:09.0446 0x0e08 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:45:09.0457 0x0e08 usbprint - ok
16:45:09.0461 0x0e08 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:45:09.0470 0x0e08 USBSTOR - ok
16:45:09.0473 0x0e08 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:45:09.0481 0x0e08 usbuhci - ok
16:45:09.0484 0x0e08 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:45:09.0508 0x0e08 UxSms - ok
16:45:09.0511 0x0e08 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe
16:45:09.0519 0x0e08 VaultSvc - ok
16:45:09.0522 0x0e08 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:45:09.0530 0x0e08 vdrvroot - ok
16:45:09.0541 0x0e08 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:45:09.0574 0x0e08 vds - ok
16:45:09.0577 0x0e08 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:45:09.0588 0x0e08 vga - ok
16:45:09.0590 0x0e08 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:45:09.0613 0x0e08 VgaSave - ok
16:45:09.0615 0x0e08 VGPU - ok
16:45:09.0622 0x0e08 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:45:09.0633 0x0e08 vhdmp - ok
16:45:09.0636 0x0e08 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:45:09.0644 0x0e08 viaide - ok
16:45:09.0650 0x0e08 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:45:09.0661 0x0e08 vmbus - ok
16:45:09.0664 0x0e08 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:45:09.0672 0x0e08 VMBusHID - ok
16:45:09.0675 0x0e08 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:45:09.0684 0x0e08 volmgr - ok
16:45:09.0693 0x0e08 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:45:09.0707 0x0e08 volmgrx - ok
16:45:09.0715 0x0e08 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:45:09.0728 0x0e08 volsnap - ok
16:45:09.0733 0x0e08 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:45:09.0744 0x0e08 vsmraid - ok
16:45:09.0774 0x0e08 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:45:09.0827 0x0e08 VSS - ok
16:45:09.0831 0x0e08 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:45:09.0841 0x0e08 vwifibus - ok
16:45:09.0850 0x0e08 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:45:09.0881 0x0e08 W32Time - ok
16:45:09.0885 0x0e08 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:45:09.0893 0x0e08 WacomPen - ok
16:45:09.0897 0x0e08 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:45:09.0921 0x0e08 WANARP - ok
16:45:09.0924 0x0e08 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:45:09.0946 0x0e08 Wanarpv6 - ok
16:45:09.0970 0x0e08 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:45:10.0002 0x0e08 WatAdminSvc - ok
16:45:10.0032 0x0e08 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:45:10.0069 0x0e08 wbengine - ok
16:45:10.0076 0x0e08 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:45:10.0092 0x0e08 WbioSrvc - ok
16:45:10.0101 0x0e08 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:45:10.0120 0x0e08 wcncsvc - ok
16:45:10.0123 0x0e08 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:45:10.0133 0x0e08 WcsPlugInService - ok
16:45:10.0136 0x0e08 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
16:45:10.0144 0x0e08 Wd - ok
16:45:10.0160 0x0e08 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:45:10.0184 0x0e08 Wdf01000 - ok
16:45:10.0188 0x0e08 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:45:10.0198 0x0e08 WdiServiceHost - ok
16:45:10.0202 0x0e08 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:45:10.0211 0x0e08 WdiSystemHost - ok
16:45:10.0218 0x0e08 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
16:45:10.0232 0x0e08 WebClient - ok
16:45:10.0239 0x0e08 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:45:10.0266 0x0e08 Wecsvc - ok
16:45:10.0270 0x0e08 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:45:10.0295 0x0e08 wercplsupport - ok
16:45:10.0299 0x0e08 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:45:10.0323 0x0e08 WerSvc - ok
16:45:10.0326 0x0e08 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:45:10.0348 0x0e08 WfpLwf - ok
16:45:10.0351 0x0e08 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:45:10.0359 0x0e08 WIMMount - ok
16:45:10.0361 0x0e08 WinDefend - ok
16:45:10.0366 0x0e08 WinHttpAutoProxySvc - ok
16:45:10.0375 0x0e08 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:45:10.0402 0x0e08 Winmgmt - ok
16:45:10.0439 0x0e08 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
16:45:10.0487 0x0e08 WinRM - ok
16:45:10.0494 0x0e08 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:45:10.0505 0x0e08 WinUsb - ok
16:45:10.0522 0x0e08 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:45:10.0551 0x0e08 Wlansvc - ok
16:45:10.0593 0x0e08 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:45:10.0645 0x0e08 wlidsvc - ok
16:45:10.0649 0x0e08 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:45:10.0658 0x0e08 WmiAcpi - ok
16:45:10.0665 0x0e08 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:45:10.0677 0x0e08 wmiApSrv - ok
16:45:10.0679 0x0e08 WMPNetworkSvc - ok
16:45:10.0682 0x0e08 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:45:10.0691 0x0e08 WPCSvc - ok
16:45:10.0696 0x0e08 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:45:10.0709 0x0e08 WPDBusEnum - ok
16:45:10.0712 0x0e08 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:45:10.0734 0x0e08 ws2ifsl - ok
16:45:10.0738 0x0e08 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
16:45:10.0752 0x0e08 wscsvc - ok
16:45:10.0754 0x0e08 WSearch - ok
16:45:10.0800 0x0e08 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
16:45:10.0857 0x0e08 wuauserv - ok
16:45:10.0863 0x0e08 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:45:10.0873 0x0e08 WudfPf - ok
16:45:10.0879 0x0e08 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:45:10.0890 0x0e08 WUDFRd - ok
16:45:10.0894 0x0e08 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:45:10.0904 0x0e08 wudfsvc - ok
16:45:10.0910 0x0e08 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:45:10.0923 0x0e08 WwanSvc - ok
16:45:10.0934 0x0e08 [ 79D9CE9614C955DD31AA2556B4014662, 2692681268A5DEE2E07B0F848D76B330CD3AB065451EC9E35653066015EEF135 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
16:45:10.0953 0x0e08 yukonw7 - ok
16:45:10.0956 0x0e08 ================ Scan global ===============================
16:45:10.0958 0x0e08 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:45:10.0964 0x0e08 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:45:10.0974 0x0e08 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:45:10.0979 0x0e08 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:45:10.0988 0x0e08 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:45:10.0994 0x0e08 [ Global ] - ok
16:45:10.0994 0x0e08 ================ Scan MBR ==================================
16:45:10.0996 0x0e08 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:45:11.0017 0x0e08 \Device\Harddisk2\DR2 - ok
16:45:11.0038 0x0e08 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:45:11.0088 0x0e08 \Device\Harddisk0\DR0 - ok
16:45:11.0091 0x0e08 [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk1\DR1
16:45:11.0374 0x0e08 \Device\Harddisk1\DR1 - ok
16:45:11.0374 0x0e08 ================ Scan VBR ==================================
16:45:11.0375 0x0e08 [ ABD464FAFBF7D99B6C6A15E367BA532C ] \Device\Harddisk2\DR2\Partition1
16:45:11.0377 0x0e08 \Device\Harddisk2\DR2\Partition1 - ok
16:45:11.0378 0x0e08 [ B9F11A2F54486BE6543DDA2D9DF7C44D ] \Device\Harddisk2\DR2\Partition2
16:45:11.0379 0x0e08 \Device\Harddisk2\DR2\Partition2 - ok
16:45:11.0381 0x0e08 [ 1AC7E4D1253A1C4F2AF881A09EE6A846 ] \Device\Harddisk0\DR0\Partition1
16:45:11.0440 0x0e08 \Device\Harddisk0\DR0\Partition1 - ok
16:45:11.0440 0x0e08 ================ Scan generic autorun ======================
16:45:11.0444 0x0e08 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:45:11.0462 0x0e08 ShadowPlay - ok
16:45:11.0611 0x0e08 [ E32AC519D0DE92F91F1AD842936CE0BC, 10CF2A3C9EE21BFD79894BFBA15B77BA1BE6D6457D98B782793DC7D26F743D05 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:45:11.0776 0x0e08 RtHDVCpl - ok
16:45:11.0833 0x0e08 [ 1F441326CD77B3F1532D487004B180FF, FD2FE6EECE1EF99F800DAF7B0C825C94FACE4C6D5806A2335B4D3C41F1E87F7F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:45:11.0889 0x0e08 NvBackend - ok
16:45:11.0896 0x0e08 [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
16:45:11.0905 0x0e08 IAAnotif - ok
16:45:11.0938 0x0e08 [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
16:45:11.0977 0x0e08 EvtMgr6 - ok
16:45:11.0987 0x0e08 [ 60B7037D9AAADC4E8C809BC71A39F943, 997291AA8CBE9E405F54F08CBC02EDCA66619078514EAA9A89E0AA4F876BE77A ] C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
16:45:12.0001 0x0e08 Easy-PrintToolBox - ok
16:45:12.0050 0x0e08 [ 5858DE874168C5F0AEA7A353DD520D48, DB77AF431227AEBD92C6E40AC723435E83DCF4620B7366D4FA6D9ACB500AA6EA ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
16:45:12.0108 0x0e08 CanonMyPrinter - ok
16:45:12.0121 0x0e08 [ 647A1E2E56F99405D12867F6F8924B3D, 88EAF333EDC47D4A3F02D63688BDDB13F3A5ACD850719A2E8E16C3BAAD6B6191 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
16:45:12.0138 0x0e08 AdobeAAMUpdater-1.0 - ok
16:45:12.0332 0x0e08 [ 568AF5AB79BC0CA3FDDD49C03363F605, A9D74EB4B4B063B509CCDECA4E9E988A969E635A608CBFA51B9147719CBF3DE1 ] C:\Program Files\Logitech Gaming Software\LCore.exe
16:45:12.0538 0x0e08 Launch LCore - ok
16:45:12.0563 0x0e08 [ 182B036928F4C7111A1B7EF4CEE1B40C, 3FA7D5047DE519C1CD40394A51AB715F09A7F914519C81DB28888A21250BC3D4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
16:45:12.0581 0x0e08 avgnt - ok
16:45:12.0597 0x0e08 [ 4CB7CEE3F7540B0BEDBD158D75F06509, 73348467A976AF06928B402E12A622BB1B5BD8BB2AC6446117E1FD1EEAFED217 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:45:12.0617 0x0e08 StartCCC - ok
16:45:12.0679 0x0e08 [ FEE45AD0B1EBF2C2D295B59BA593F6CD, 7A9B9410E31598F0320104A8874C76EE90E579D4F1719FDF6B11829AA03E5445 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
16:45:12.0750 0x0e08 KiesTrayAgent - ok
16:45:12.0757 0x0e08 [ A915E9E86853E86AAF0216675556B890, D0579457A225BFEE2740D3AE8C77AD853BD571D20203DF331EBBCF05214DCDDF ] C:\Program Files (x86)\EMET\EMET_notifier.exe
16:45:12.0767 0x0e08 EMET Notifier - ok
16:45:12.0796 0x0e08 [ 00AB2B491C7037BB219BEB26FAD34C72, 95EDBBE07EB85EEE1376252AA975BAA61235C80FC03036357BD4786E5D6B9703 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
16:45:12.0833 0x0e08 CanonSolutionMenuEx - ok
16:45:12.0837 0x0e08 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
16:45:12.0843 0x0e08 APSDaemon - ok
16:45:12.0855 0x0e08 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:45:12.0869 0x0e08 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
16:45:12.0869 0x0e08 Detect skipped due to KSN trusted
16:45:12.0869 0x0e08 SwitchBoard - ok
16:45:12.0889 0x0e08 [ 3EE19173AC7BB16AD239B195D97C13B0, A9E5FC90F20DC7500A186C9D184ED55BC04038FFC6D97714E64C660EAE808A98 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
16:45:12.0915 0x0e08 AdobeCS6ServiceManager - ok
16:45:12.0943 0x0e08 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:45:12.0979 0x0e08 Sidebar - ok
16:45:12.0983 0x0e08 [ 16D510C28673BF1565D096D41234773C, 72BC509E8D9B444B37F10A266DF8E05471FC0006F34367EEF24203419EE9585C ] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
16:45:12.0986 0x0e08 phonostar-PlayerTimer - detected UnsignedFile.Multi.Generic ( 1 )
16:45:15.0597 0x0e08 Detect skipped due to KSN trusted
16:45:15.0597 0x0e08 phonostar-PlayerTimer - ok
16:45:15.0600 0x0e08 [ 984F6749E0741C3F22D86C91B46177BE, E967A8C4305444D23B6CE423D75065197AF03388879F16251101E1D7380CD927 ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
16:45:15.0610 0x0e08 KiesPDLR - ok
16:45:15.0617 0x0e08 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe
16:45:15.0631 0x0e08 Google Update - ok
16:45:15.0634 0x0e08 Web Companion - ok
16:45:15.0644 0x0e08 [ C11C16EEDB673972980A9E8B544E43C7, 23CCE12320F2A54A4982F21CAC425EF1B34DE5CE3A8702A9193040735A452381 ] C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe
16:45:15.0644 0x0e08 Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe. md5: C11C16EEDB673972980A9E8B544E43C7, sha256: 23CCE12320F2A54A4982F21CAC425EF1B34DE5CE3A8702A9193040735A452381
16:45:15.0647 0x0e08 xlnsxpuw - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:45:18.0320 0x0e08 xlnsxpuw ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:45:18.0320 0x0e08 Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe
16:45:21.0089 0x0e08 Object send P2P result: true
16:45:23.0793 0x0e08 [ FBECD699FC49E72AEE1424338459AED9, B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251 ] C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
16:45:23.0793 0x0e08 Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe. md5: FBECD699FC49E72AEE1424338459AED9, sha256: B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251
16:45:23.0794 0x0e08 pipe-according - detected LockedFile.Multi.Generic ( 1 )
16:45:26.0406 0x0e08 Detect turned to UDS exact due to KSN untrusted
16:45:26.0406 0x0e08 pipe-according ( UDS:DangerousObject.Multi.Generic ) - infected
16:45:26.0406 0x0e08 Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
16:45:29.0135 0x0e08 Object send P2P result: true
16:45:31.0792 0x0e08 [ 32CCAF89D2E1025AF788B11A1853ACF5, 9CCF3439D58EC278F9B6F1BA8612AD5C9BEAE6A51F3E2F4029EAE572A1CB5346 ] C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe
16:45:31.0793 0x0e08 Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe. md5: 32CCAF89D2E1025AF788B11A1853ACF5, sha256: 9CCF3439D58EC278F9B6F1BA8612AD5C9BEAE6A51F3E2F4029EAE572A1CB5346
16:45:31.0793 0x0e08 transition-collect - detected LockedFile.Multi.Generic ( 1 )
16:45:34.0404 0x0e08 Detect turned to UDS exact due to KSN untrusted
16:45:34.0404 0x0e08 transition-collect ( UDS:DangerousObject.Multi.Generic ) - infected
16:45:34.0404 0x0e08 Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe
16:45:37.0127 0x0e08 Object send P2P result: true
16:45:39.0788 0x0e08 [ FBECD699FC49E72AEE1424338459AED9, B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251 ] C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
16:45:39.0788 0x0e08 Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe. md5: FBECD699FC49E72AEE1424338459AED9, sha256: B89FECCF8B34E073C6F13ED5BBD519CB287B614C1414C5D451B89F4E0A090251
16:45:39.0789 0x0e08 pipe-according - detected LockedFile.Multi.Generic ( 1 )
16:45:39.0789 0x0e08 Detect turned to UDS exact due to KSN untrusted
16:45:39.0789 0x0e08 pipe-according ( UDS:DangerousObject.Multi.Generic ) - infected
16:45:39.0789 0x0e08 Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
16:45:42.0531 0x0e08 Object send P2P result: true
16:45:45.0198 0x0e08 [ 32CCAF89D2E1025AF788B11A1853ACF5, 9CCF3439D58EC278F9B6F1BA8612AD5C9BEAE6A51F3E2F4029EAE572A1CB5346 ] C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe
16:45:45.0198 0x0e08 Suspicious file ( NoAccess ): C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe. md5: 32CCAF89D2E1025AF788B11A1853ACF5, sha256: 9CCF3439D58EC278F9B6F1BA8612AD5C9BEAE6A51F3E2F4029EAE572A1CB5346
16:45:45.0198 0x0e08 transition-collect - detected LockedFile.Multi.Generic ( 1 )
16:45:45.0199 0x0e08 Detect turned to UDS exact due to KSN untrusted
16:45:45.0199 0x0e08 transition-collect ( UDS:DangerousObject.Multi.Generic ) - infected
16:45:45.0199 0x0e08 Force sending object to P2P due to detect: C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe
16:45:47.0933 0x0e08 Object send P2P result: true
16:45:50.0630 0x0e08 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:45:50.0662 0x0e08 Sidebar - ok
16:45:50.0664 0x0e08 swg - ok
16:45:50.0673 0x0e08 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.644 ), 0x40000 ( disabled : updated )
16:45:50.0677 0x0e08 Win FW state via NFP2: enabled
16:45:53.0331 0x0e08 ============================================================
16:45:53.0331 0x0e08 Scan finished
16:45:53.0331 0x0e08 ============================================================
16:45:53.0340 0x1718 Detected object count: 5
16:45:53.0340 0x1718 Actual detected object count: 5
16:46:05.0169 0x1718 C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe - copied to quarantine
16:46:05.0170 0x1718 HKU\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\Run:xlnsxpuw - will be deleted on reboot
16:46:05.0171 0x1718 C:\Users\Wolf\AppData\Local\Temp\Rhvzfvwumd\flzrbtxpuw.exe - will be deleted on reboot
16:46:05.0171 0x1718 xlnsxpuw ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete
16:46:05.0178 0x1718 C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe - copied to quarantine
16:46:05.0179 0x1718 HKU\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\Run:pipe-according - will be deleted on reboot
16:46:05.0180 0x1718 C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe - will be deleted on reboot
16:46:05.0180 0x1718 pipe-according ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
16:46:05.0186 0x1718 C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe - copied to quarantine
16:46:05.0186 0x1718 HKU\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\Run:transition-collect - will be deleted on reboot
16:46:05.0187 0x1718 C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe - will be deleted on reboot
16:46:05.0187 0x1718 transition-collect ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
16:46:05.0192 0x1718 C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe - copied to quarantine
16:46:05.0193 0x1718 HKU\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce:pipe-according - will be deleted on reboot
16:46:05.0193 0x1718 C:\Users\Wolf\AppData\Local\Pipenose\pipe_peak.exe - will be deleted on reboot
16:46:05.0193 0x1718 pipe-according ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
16:46:05.0198 0x1718 C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe - copied to quarantine
16:46:05.0199 0x1718 HKU\S-1-5-21-16447771-1256991811-2654833542-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce:transition-collect - will be deleted on reboot
16:46:05.0199 0x1718 C:\Users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe - will be deleted on reboot
16:46:05.0199 0x1718 transition-collect ( UDS:DangerousObject.Multi.Generic ) - User select action: Delete
16:46:05.0276 0x1718 KLMD registered as C:\Windows\system32\drivers\39957745.sys
16:46:15.0832 0x1bb4 Deinitialize success
|
|
06.03.2015, 17:05
| #12 |
| | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 hier Logfile 2: VG ewo TDSSKiller.3.0.0.44_06.03.2015_16.49.13_log.txt Code:
ATTFilter 16:49:13.0302 0x0c50 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:49:14.0981 0x0c50 ============================================================
16:49:14.0981 0x0c50 Current date / time: 2015/03/06 16:49:14.0981
16:49:14.0981 0x0c50 SystemInfo:
16:49:14.0981 0x0c50
16:49:14.0981 0x0c50 OS Version: 6.1.7601 ServicePack: 1.0
16:49:14.0981 0x0c50 Product type: Workstation
16:49:14.0981 0x0c50 ComputerName: WOLF-PC
16:49:14.0981 0x0c50 UserName: Wolf
16:49:14.0981 0x0c50 Windows directory: C:\Windows
16:49:14.0981 0x0c50 System windows directory: C:\Windows
16:49:14.0981 0x0c50 Running under WOW64
16:49:14.0981 0x0c50 Processor architecture: Intel x64
16:49:14.0981 0x0c50 Number of processors: 8
16:49:14.0981 0x0c50 Page size: 0x1000
16:49:14.0981 0x0c50 Boot type: Normal boot
16:49:14.0981 0x0c50 ============================================================
16:49:14.0991 0x0c50 BG loaded
16:49:15.0171 0x0c50 System UUID: {88B87F8C-D652-A2BF-1E0B-C5F3C3E5E959}
16:49:15.0778 0x0c50 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
16:49:15.0794 0x0c50 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:49:15.0794 0x0c50 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:49:15.0809 0x0c50 ============================================================
16:49:15.0809 0x0c50 \Device\Harddisk2\DR2:
16:49:15.0809 0x0c50 MBR partitions:
16:49:15.0809 0x0c50 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:49:15.0809 0x0c50 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x33000, BlocksNum 0x746D3000
16:49:15.0809 0x0c50 \Device\Harddisk0\DR0:
16:49:15.0809 0x0c50 MBR partitions:
16:49:15.0809 0x0c50 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
16:49:15.0809 0x0c50 \Device\Harddisk1\DR1:
16:49:15.0809 0x0c50 MBR partitions:
16:49:15.0809 0x0c50 ============================================================
16:49:15.0809 0x0c50 C: <-> \Device\Harddisk2\DR2\Partition2
16:49:15.0841 0x0c50 D: <-> \Device\Harddisk0\DR0\Partition1
16:49:15.0841 0x0c50 ============================================================
16:49:15.0841 0x0c50 Initialize success
16:49:15.0841 0x0c50 ============================================================
16:49:28.0345 0x13f8 Deinitialize success
|
|
07.03.2015, 12:51
| #13 |
| /// the machine /// TB-Ausbilder | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.03.2015, 16:46
| #14 |
| | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 hi schrauber, Danke für die Nachricht. Ich habe Combofix laufen lassen. So weit ich es beurteilen kann, ist das Programm komplett durchgelaufen. Nach autom. Reboot habe ich Logfile unter Combofix.txt auf desktop abgelegt. VG ewo Combofix.txt: Combofix Logfile: Code:
ATTFilter ComboFix 15-03-01.01 - Wolf 07.03.2015 16:18:34.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.12279.8283 [GMT 1:00]
ausgeführt von:: c:\users\Wolf\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Wolf\AppData\Local\Adobe\gccheck.exe
c:\users\Wolf\AppData\Local\Adobe\gtbcheck.exe
c:\users\Wolf\AppData\Local\Adobe\SecurityScan_Release.exe
c:\users\Wolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\{905D4F75-1888-49B0-9C3F-DA723BC3ACB1}.xps
c:\users\Wolf\AppData\Local\Microsoft\Windows\Temporary Internet Files\coremeter_v1.5.0.gadget
c:\users\Wolf\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll
c:\users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeUpdateService
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-02-07 bis 2015-03-07 ))))))))))))))))))))))))))))))
.
.
2015-03-07 15:25 . 2015-03-07 15:25 -------- d-----w- C:\dvmexp
2015-03-07 15:23 . 2015-03-07 15:23 -------- d-----w- c:\users\Test-Admin\AppData\Local\temp
2015-03-07 15:23 . 2015-03-07 15:23 -------- d-----w- c:\users\postgres\AppData\Local\temp
2015-03-07 15:23 . 2015-03-07 15:23 -------- d-----w- c:\users\Lars\AppData\Local\temp
2015-03-07 15:23 . 2015-03-07 15:23 -------- d-----w- c:\users\Drop\AppData\Local\temp
2015-03-07 15:23 . 2015-03-07 15:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-06 15:46 . 2015-03-06 15:46 -------- d-----w- C:\TDSSKiller_Quarantine
2015-03-06 13:39 . 2015-03-06 15:47 -------- d--h--w- c:\users\Wolf\AppData\Roaming\Transition_career
2015-03-05 09:17 . 2015-03-05 09:19 -------- d-----w- C:\FRST
2015-03-05 07:33 . 2015-03-06 15:42 -------- d--h--w- c:\users\Wolf\AppData\Roaming\Transitionreduce
2015-03-04 17:22 . 2015-03-06 15:47 -------- d--h--w- c:\users\Wolf\AppData\Local\Pipenose
2015-03-04 12:52 . 2015-03-04 12:52 -------- d-----w- c:\users\Wolf\AppData\Roaming\PACE Anti-Piracy
2015-03-04 12:52 . 2015-03-04 12:52 -------- d-----w- c:\users\Wolf\AppData\Local\PACE Anti-Piracy
2015-03-04 12:52 . 2015-03-04 12:52 -------- d-----w- c:\programdata\PACE Anti-Piracy
2015-03-04 12:28 . 2015-03-05 09:41 -------- d-----w- c:\users\Wolf\AppData\Local\CrashDumps
2015-03-04 12:25 . 2015-03-04 12:25 -------- d-----w- c:\programdata\nppeja
2015-03-04 10:36 . 2015-03-04 10:36 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-03-01 18:33 . 2015-03-01 18:33 -------- d-----w- c:\users\Wolf\AppData\Local\Steam
2015-02-28 23:48 . 2015-02-28 23:48 -------- d-----w- c:\users\Wolf\AppData\Roaming\Windows Live Writer
2015-02-28 23:48 . 2015-02-28 23:48 -------- d-----w- c:\users\Wolf\AppData\Local\Windows Live Writer
2015-02-28 20:58 . 2015-02-28 21:20 -------- d-----w- c:\users\Wolf\AppData\Roaming\jAlbum
2015-02-28 20:58 . 2015-02-28 20:58 -------- d-----w- c:\program files (x86)\jAlbum
2015-02-25 20:00 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-02-25 20:00 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-02-25 20:00 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-02-25 20:00 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-02-25 11:34 . 2015-02-25 16:11 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2015-02-21 15:07 . 2015-02-21 15:07 -------- d-----w- c:\users\Lars\AppData\Local\Steam
2015-02-19 18:54 . 2015-02-18 10:55 372264 ----a-w- c:\windows\system32\LavasoftTcpService64.dll
2015-02-19 18:54 . 2015-02-18 10:55 326240 ----a-w- c:\windows\SysWow64\LavasoftTcpService.dll
2015-02-19 18:54 . 2015-02-19 18:54 -------- d-----w- c:\users\Wolf\AppData\Local\CrystalDiskMark
2015-02-13 09:57 . 2015-02-13 09:57 -------- d-----w- c:\users\Wolf\AppData\Local\Opera Software
2015-02-13 09:57 . 2015-02-13 09:57 -------- d-----w- c:\users\Wolf\AppData\Roaming\Opera Software
2015-02-12 06:58 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-12 06:58 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-12 06:58 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-12 06:58 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-11 19:20 . 2015-02-05 17:57 621384 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-02-11 12:13 . 2015-02-04 03:16 609280 ----a-w- c:\windows\system32\generaltel.dll
2015-02-11 12:12 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-11 12:12 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-11 12:12 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-11 12:12 . 2015-01-14 06:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-11 12:12 . 2015-01-14 06:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-11 12:12 . 2015-01-14 06:04 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-11 12:12 . 2015-01-14 05:44 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 12:12 . 2015-01-14 05:44 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 12:12 . 2015-01-14 05:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-11 12:12 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
2015-02-09 19:25 . 2015-02-09 19:25 -------- d-----w- C:\UDK
2015-02-08 16:32 . 2015-02-08 16:32 -------- d-----w- c:\users\Lars\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2015-02-06 13:41 . 2015-02-06 13:46 -------- d-----w- c:\users\Wolf\AppData\Roaming\IrfanView
2015-02-06 13:41 . 2015-02-06 13:41 -------- d-----w- c:\program files (x86)\IrfanView
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-04 09:24 . 2013-08-05 14:52 44088 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-03-04 09:24 . 2013-08-05 14:52 132120 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-03-04 09:24 . 2013-08-05 14:52 128536 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-02-11 21:52 . 2011-04-22 08:12 116773704 ----a-w- c:\windows\system32\MRT.exe
2015-02-05 21:01 . 2015-01-22 16:35 32106640 ----a-w- c:\windows\system32\nvoglv64.dll
2015-02-05 21:01 . 2014-11-20 09:42 16017040 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-02-05 21:01 . 2013-12-24 12:08 3299512 ----a-w- c:\windows\system32\nvapi64.dll
2015-02-05 21:01 . 2013-12-24 12:08 18575880 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-02-05 21:01 . 2013-12-24 12:08 17253848 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-02-05 21:01 . 2013-12-24 12:08 2902784 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-02-05 21:01 . 2013-12-24 12:08 14119744 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-02-05 19:07 . 2013-12-24 12:09 6861128 ----a-w- c:\windows\system32\nvcpl.dll
2015-02-05 19:07 . 2013-12-24 12:09 3517584 ----a-w- c:\windows\system32\nvsvc64.dll
2015-02-05 19:07 . 2013-12-24 12:09 935056 ----a-w- c:\windows\system32\nvvsvc.exe
2015-02-05 19:07 . 2013-12-24 12:09 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-02-05 19:07 . 2013-12-24 12:09 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-02-05 19:06 . 2013-12-24 12:09 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-02-05 12:50 . 2013-12-24 12:09 4236870 ----a-w- c:\windows\system32\nvcoproc.bin
2015-02-05 09:13 . 2014-10-19 07:35 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-05 09:13 . 2014-10-19 07:35 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-16 06:41 . 2014-06-02 16:19 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-01-16 06:41 . 2013-12-24 12:15 1278920 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-01-16 06:41 . 2014-06-02 16:19 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-01-16 06:41 . 2013-12-24 12:15 1514528 ----a-w- c:\windows\system32\nvspcap64.dll
2015-01-13 04:15 . 2015-01-22 16:35 30536 ----a-w- c:\windows\system32\nvhdap64.dll
2015-01-13 04:15 . 2015-01-22 16:35 195728 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-01-13 04:15 . 2014-01-22 18:48 1540240 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-01-10 08:07 . 2015-01-22 16:35 1895240 ----a-w- c:\windows\system32\nvdispco6434725.dll
2015-01-10 08:07 . 2015-01-22 16:35 1556808 ----a-w- c:\windows\system32\nvdispgenco6434725.dll
2015-01-06 03:36 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-14 17:45 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-14 17:45 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-14 17:45 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-06-03 13:46 223432 ----a-w- c:\users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-06-03 13:46 223432 ----a-w- c:\users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-06-03 13:46 223432 ----a-w- c:\users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"phonostar-PlayerTimer"="c:\program files (x86)\phonostar-Player\phonostarTimer.exe" [2012-04-03 41472]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-03-04 704248]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-06-08 3521464]
"EMET Notifier"="c:\program files (x86)\EMET\EMET_notifier.exe" [2012-05-09 152152]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1612920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2014-12-03 41360]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2014-12-03 840592]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-02-15 2694320]
.
c:\users\Wolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
OpenOffice.org 3.3.lnk.disabled [2011-4-28 1235]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"BrMfcWnd"=c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
"ControlCenter3"=c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SwitchBoard"=c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"TurboV"="c:\program files\ASUS\TurboV\TurboV.exe" -b
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 BioNTDrv;BioNTDrv;c:\program files (x86)\Paragon Software\Festplatten Manager 12 Professional\program\BioNTDrv.SYS;c:\program files (x86)\Paragon Software\Festplatten Manager 12 Professional\program\BioNTDrv.SYS [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 uigxrdr;uigxrdr;c:\windows\system32\DRIVERS\uigxrdr.sys;c:\windows\SYSNATIVE\DRIVERS\uigxrdr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 MDES;DVM Meta Data Export Service;c:\asus.sys\CONFIG\DVMExportService.exe;c:\asus.sys\CONFIG\DVMExportService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 auusb;Auerswald ISDN USB Driver;c:\windows\system32\DRIVERS\auusb.sys;c:\windows\SYSNATIVE\DRIVERS\auusb.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;c:\windows\system32\DRIVERS\LGSUsbFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSUsbFilt.Sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys;c:\windows\SYSNATIVE\DRIVERS\Ph3xIB64.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-19 09:13]
.
2015-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-19 06:27]
.
2015-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-19 06:27]
.
2015-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001Core.job
- c:\users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 08:59]
.
2015-03-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-16447771-1256991811-2654833542-1001UA.job
- c:\users\Wolf\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-23 08:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2015-02-11 14:13 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2015-02-11 14:13 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2015-02-11 14:13 997536 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-06-03 13:46 262344 ----a-w- c:\users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-06-03 13:46 262344 ----a-w- c:\users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-06-03 13:46 262344 ----a-w- c:\users\Wolf\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-01-16 1514528]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-11-03 8317472]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-01-16 2585928]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"Easy-PrintToolBox"="c:\program files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-15 2779024]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-02-03 557768]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-07-02 10464536]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.bing.com/?pc=COSP&ptag=D021915-ABA01A7CCEB2146F8A7F&form=CONMHP&conlogo=CT3330961
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Wolf\AppData\Roaming\Mozilla\Firefox\Profiles\a9zkaank.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.adfc-frankfurt.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-Web Companion - c:\program files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
Wow6432Node-HKCU-Run-pipe-according - c:\users\Wolf\AppData\Local\Pipenose\pipe_peak.exe
Wow6432Node-HKCU-Run-transition-collect - c:\users\Wolf\AppData\Roaming\Transition_career\transition_scale.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-98794667.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-BattlEye for A2 - d:\programme\Spiele\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\ASUS\Six Engine\SixEngine.exe
c:\users\Wolf\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-03-07 16:27:32 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-03-07 15:27
.
Vor Suchlauf: 21 Verzeichnis(se), 760.810.934.272 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 760.065.781.760 Bytes frei
.
- - End Of File - - 32B576E40CB40BCFB0A1AECCEF0982CD
A36C5E4F47E84449FF07ED3517B43A31 [/CODE] |
|
08.03.2015, 08:41
| #15 |
| /// the machine /// TB-Ausbilder | WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu WIN7: Avira Funde TR/Trustezeb.118785 und TR/Crypt.ZACK.128114 |
| anleitung, autostart, avira, code, erhalte, gen, gmer, installiert, laufwerke, leute, log-file, logfiles, malwarebytes, meldet, meldungen, neustart, programm, rechner, runter, verdächtige, webseite, webseiten, win, win7, zugriff |
WARNUNG an die MITLESER: 
Linear-Darstellung
