Plagegeister aller Art und deren Bekämpfung: New *32 programs in Task Manager after Javaws.exe*32 virus (Windows 7) |
30.09.2015, 18:36 | #1 |
| New *32 programs in Task Manager after Javaws.exe*32 virus

Hello community, I'm new here and hope that you can help me. I'm simply desperate. Recently I let my father use my laptop. After he had visited various football sites, I wanted to use the laptop for school assignments. Suddenly I noticed how badly it was lagging, and when I took a look at the processes, around 3000 programs named "javaws.exe*32" were open. No idea how that thing got onto the computer, but after I deleted everything related to Java, the virus has now disappeared?! To remove the virus, I deleted all Java data, including from the registry. Then ran Malwarebytes once, but uninstalled it afterwards, and adwcleaner. Since the virus, some programs are constantly marked with a "*32".

About the laptop:
Sony Vaio VPCEH3Q1E
Windows 7 Home Premium 64 Bit
Intel I5-2450M
RAM: 8 GB

I'll list the 6; there were 1-2 more, but I can't find them anymore.
avastui.exe *32 (on my other laptop it only says: avastui.exe)???
BingSvc.exe *32 (I had actually deleted and removed all of that back then)
firefox.exe *32 (on my other laptop it only says: firefox.exe)???
IAStorIcon.exe *32 (Intel driver)
ioloTools.exe *32 (belongs to Vaio Care)
listener.exe *32 (also belongs to Vaio Care)

In addition, since the virus all the Sony and Intel programs start up; that probably explains the 2 GB of RAM in use? On my other Windows 7 devices all the manufacturer's drivers are installed, but I still don't see any of them running permanently. I also have the problem that 2 GB of RAM are permanently in use on the laptop and the CPU rises to 65% when I want to open Firefox, for example. I would be really glad if someone could get me out of this crisis. Many thanks to everyone in advance. |
30.09.2015, 19:10 | #2 |
/// the machine /// TB-Ausbilder | New *32 programs in Task Manager after Javaws.exe*32 virus
Hi,
__________________
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
30.09.2015, 19:33 | #3 |
| New *32 programs in Task Manager after Javaws.exe*32 virus
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-09-2015 durchgeführt von sony_ (2015-09-30 20:30:12) Gestartet von C:\Users\sony_\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2015-07-18 16:00:31) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3702522348-1086711315-1832465872-500 - Administrator - Disabled) Gast (S-1-5-21-3702522348-1086711315-1832465872-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3702522348-1086711315-1832465872-1002 - Limited - Enabled) sony_ (S-1-5-21-3702522348-1086711315-1832465872-1000 - Administrator - Enabled) => C:\Users\sony_ ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.) 
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft) Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant) CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) 
(Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 41.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 de)) (Version: 41.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0 - Mozilla) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.) VAIO Care (HKLM\...\{934ACD4F-3E96-4B2A-96A8-158A5E057288}) (Version: 8.4.3.07161 - Sony Corporation) VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation) VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation) VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation) VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation) VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation) VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Wiederherstellungspunkte ========================= 11-09-2015 20:52:43 Windows Update 16-09-2015 21:04:09 Wiederherstellungsvorgang 16-09-2015 21:16:53 avast! antivirus system restore point 16-09-2015 21:22:14 Removed Apple Application Support (64-Bit) 16-09-2015 22:12:16 Removed Java 8 Update 51 16-09-2015 22:38:52 Wiederherstellungsvorgang 17-09-2015 16:54:02 avast! antivirus system restore point 19-09-2015 23:47:19 Wiederherstellungsvorgang 19-09-2015 23:59:13 avast! antivirus system restore point 23-09-2015 22:10:02 Entfernt VAIO Update 23-09-2015 22:10:36 Installiert VAIO Update 23-09-2015 22:12:25 Removed Java 8 Update 51 23-09-2015 22:37:43 zoek.exe restore point 23-09-2015 23:18:37 Removed Apple Application Support (64-Bit) 23-09-2015 23:20:53 Removed Apple Software Update 23-09-2015 23:21:55 Removed Bonjour 23-09-2015 23:22:19 Removed Apple Application Support (64-Bit) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {110DBA63-29E3-410C-A6CA-55F2CF73395D} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {147B96BD-86CF-4FA0-BED7-19083630AD34} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation) Task: {19BAC51A-63CD-400E-BE38-7B179E1B5C8A} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {19C66770-2B3D-4BF1-949E-97B1FE477721} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation) Task: {23538302-7D82-4161-8723-33F9D7D850E2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-15] (AVAST Software) Task: {2EF9E6E9-E55F-4245-A4CD-1BBC9407EA7D} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2015-02-04] (Sony Corporation) Task: {343BF8CB-EFEC-40EB-B5AC-D0851A8218B8} - System32\Tasks\{51B5A9C7-E38E-438A-885D-8AB6FF36DD5A} => pcalua.exe -a C:\Users\sony_\AppData\Local\Temp\Temp1_INAOTH-00246595-0042.zip\INAOTH-00246595-0042.EXE Task: {36EBC875-58E5-4802-834D-4FE276D715B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23] (Adobe Systems Incorporated) Task: {53724F31-4835-4391-895E-CB2EBC0C7753} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {5CBBDEE1-7071-4C78-9D43-668A67F37BCF} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {61088920-1063-4180-94EC-5EE65E7EDC32} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => 
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {6C0859EC-04D7-4E3E-B635-110B04309DD8} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {6DF9B524-A118-4296-8C81-90DC332DE7EA} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {7705CA69-B3C6-4301-A68F-170179FC6F28} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2015-07-13] (Sony Corporation) Task: {78FC4E19-F5C4-40CB-B6E6-67DA25E14794} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {7E550FE2-C133-410E-B742-A44A191B4C5F} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {A8C1E6A2-27A8-46AC-A9D9-354E7EB10B0E} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation) Task: {B407BE6C-AAF8-4E57-94EF-D2BDA56F5FE9} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs" Task: {B55BD769-FD6D-4061-858A-66C86F68B0C9} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation) Task: {C36F09CF-13CC-49EF-8232-7BC5A9B3C8F5} - System32\Tasks\{A2369A87-3B35-40D1-A888-C039116DD9E5} => pcalua.exe -a C:\Users\sony_\AppData\Local\Temp\Temp1_SODFEP-00224384-0042.zip\SODFEP-00224384-0042.EXE Task: {D3F0742A-4411-43C4-8A11-07F4B269BBA8} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe 
verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-07-22 15:46 - 2011-03-23 12:30 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-02-04 16:37 - 2015-02-04 16:37 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe 2015-08-15 21:34 - 2015-08-15 21:34 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-15 21:34 - 2015-08-15 21:34 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-09-25 15:19 - 2015-09-25 15:19 - 02966016 _____ () C:\Program Files\AVAST Software\Avast\defs\15092500\algo.dll 2015-09-30 19:07 - 2015-09-30 19:07 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15093001\algo.dll 2015-07-22 16:00 - 2015-07-22 16:00 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-07-22 16:32 - 2015-07-22 16:32 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll 2015-07-22 16:29 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-02-04 16:37 - 2015-02-04 16:37 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll 2015-09-23 22:12 - 2015-09-23 22:12 - 17592008 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sony_\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{7D29CA0F-7312-4E3E-9A67-FB45E23EDC4B}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{63334D99-7DD7-4699-93B5-6C2B435ADA13}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe FirewallRules: [{5A4F11E0-3242-4D31-9005-A8F66FDAD6D1}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe FirewallRules: [{8EDBB27F-F9BC-4CEC-BD47-65BDFC48D291}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe FirewallRules: [{4E1D08F3-3E41-4B9D-91B8-67AEA29F29D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4001CD5D-1B21-473A-826F-7A08EEE7B02D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/25/2015 03:28:00 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (09/24/2015 11:12:10 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (09/24/2015 03:02:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DaS_21.exe, Version: 2.1.0.4, Zeitstempel: 0x540c90b2 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556366fd Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000b3dd ID des fehlerhaften Prozesses: 0xb34 Startzeit der fehlerhaften Anwendung: 0xDaS_21.exe0 Pfad der fehlerhaften Anwendung: DaS_21.exe1 Pfad des fehlerhaften Moduls: DaS_21.exe2 Berichtskennung: DaS_21.exe3 Error: (09/24/2015 03:02:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DaS_21.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.ArgumentOutOfRangeException Stapel: bei System.String.InternalSubStringWithChecks(Int32, Int32, Boolean) bei DriverAndServicesOut.GetProcess.GetPathName(System.String) bei DriverAndServicesOut.GetProcess.GetAllServices(System.String) bei DriverAndServicesOut.Program.Main(System.String[]) Error: (09/24/2015 02:32:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DaS_21.exe, Version: 2.1.0.4, Zeitstempel: 0x540c90b2 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556366fd Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000b3dd ID des fehlerhaften Prozesses: 0x13f0 Startzeit der fehlerhaften Anwendung: 0xDaS_21.exe0 Pfad der fehlerhaften Anwendung: DaS_21.exe1 Pfad des fehlerhaften Moduls: DaS_21.exe2 Berichtskennung: DaS_21.exe3 Error: (09/24/2015 02:32:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DaS_21.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.ArgumentOutOfRangeException Stapel: bei System.String.InternalSubStringWithChecks(Int32, Int32, Boolean) bei DriverAndServicesOut.GetProcess.GetPathName(System.String) bei DriverAndServicesOut.GetProcess.GetAllServices(System.String) bei DriverAndServicesOut.Program.Main(System.String[]) Error: (09/23/2015 10:38:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DaS_21.exe, Version: 2.1.0.4, Zeitstempel: 0x540c90b2 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556366fd Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000b3dd ID des fehlerhaften Prozesses: 0x708 Startzeit der fehlerhaften Anwendung: 0xDaS_21.exe0 Pfad der fehlerhaften Anwendung: DaS_21.exe1 Pfad des fehlerhaften Moduls: DaS_21.exe2 Berichtskennung: DaS_21.exe3 Error: (09/23/2015 10:38:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DaS_21.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.ArgumentOutOfRangeException Stapel: bei System.String.InternalSubStringWithChecks(Int32, Int32, Boolean) bei DriverAndServicesOut.GetProcess.GetPathName(System.String) bei DriverAndServicesOut.GetProcess.GetAllServices(System.String) bei DriverAndServicesOut.Program.Main(System.String[]) Error: (09/23/2015 10:35:17 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (09/23/2015 10:35:16 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. 
Systemfehler: ============= Error: (09/24/2015 11:25:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/24/2015 11:25:41 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\sony_\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/24/2015 11:25:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/24/2015 11:25:40 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\sony_\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/24/2015 11:25:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/24/2015 11:25:40 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\sony_\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/24/2015 11:14:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/24/2015 11:14:01 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\sony_\AppData\Local\Temp\ehdrv.sys nicht geladen. 
Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/24/2015 11:14:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (09/24/2015 11:14:00 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\sony_\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Prozentuale Nutzung des RAM: 28% Installierter physikalischer RAM: 8139.86 MB Verfügbarer physikalischer RAM: 5799.18 MB Summe virtueller Speicher: 16277.93 MB Verfügbarer virtueller Speicher: 13652.08 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:297.99 GB) (Free:248.06 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2FB00DA5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015 durchgeführt von sony_ (Administrator) auf DANYAL (30-09-2015 20:29:37) Gestartet von C:\Users\sony_\Downloads Geladene Profile: sony_ (Verfügbare Profile: sony_) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (© 2015 Microsoft Corporation) C:\Users\sony_\AppData\Local\Microsoft\BingSvc\BingSvc.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Alps Electric Co., Ltd.) 
C:\Program Files\Apoint\ApntEx.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe () C:\Program Files\Sony\VAIO Care\listener.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-09-15] (Alps Electric Co., Ltd.) 
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-22] (Conexant Systems, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-30] (AVAST Software) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\...\Run: [BingSvc] => C:\Users\sony_\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation) HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\...\MountPoints2: {a4eb4df3-2d64-11e5-8621-806e6f6e6963} - D:\setup.exe HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-07-19] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-15] (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{080235DC-3C36-4883-BA13-C5BE4C32572B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8117FB30-D23F-46AB-916A-AAA04E8623E9}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3702522348-1086711315-1832465872-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-15] (AVAST Software) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-15] (AVAST Software) FireFox: ======== FF ProfilePath: C:\Users\sony_\AppData\Roaming\Mozilla\Firefox\Profiles\31b6azlq.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] () FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.) 
FF Extension: Adblock Plus - C:\Users\sony_\AppData\Roaming\Mozilla\Firefox\Profiles\31b6azlq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-23] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-22] Chrome: ======= CHR HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-22] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-22] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [Datei ist nicht signiert] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-15] (AVAST Software) R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation) S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) 
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2015-02-04] (Intel Corporation) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-15] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-15] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-15] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-15] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-15] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-15] (AVAST Software) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-01] () S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-30 20:29 - 2015-09-30 20:29 - 00011125 _____ C:\Users\sony_\Downloads\FRST.txt 2015-09-30 20:25 - 2015-09-30 20:29 - 00000000 ____D C:\FRST 2015-09-30 20:23 - 2015-09-30 20:24 - 02192384 _____ (Farbar) C:\Users\sony_\Downloads\FRST64.exe 2015-09-30 18:59 - 2015-09-30 18:59 - 00000000 ___RD C:\Users\sony_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2015-09-25 15:44 - 2015-09-25 15:45 - 00000000 ____D C:\Users\sony_\Desktop\Musik 2015-09-24 23:12 - 2015-09-24 23:12 - 00000000 ____D C:\Program Files (x86)\ESET 2015-09-24 23:11 - 2015-09-24 23:11 - 02870984 _____ (ESET) C:\Users\sony_\Downloads\esetsmartinstaller_deu.exe 2015-09-24 22:47 - 2015-09-24 22:48 - 00001137 _____ C:\Windows\SysWOW64\mwXface.log 2015-09-24 22:22 - 2015-09-24 22:22 - 00000000 ____D C:\Users\sony_\AppData\Local\VirtualStore 2015-09-24 15:25 - 2015-09-24 15:00 - 00024064 _____ C:\Windows\zoek-delete.exe 2015-09-24 15:02 - 2015-09-24 14:56 - 00052079 _____ C:\zoek-results2015-09-24-125649.log 2015-09-24 14:32 - 2015-09-23 23:07 - 00016787 _____ C:\zoek-results2015-09-23-210705.log 2015-09-24 14:26 - 2015-09-30 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-09-24 14:26 - 2015-09-24 14:26 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-09-24 14:26 - 2015-09-24 14:26 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-09-23 22:37 - 2015-09-24 15:26 - 00052015 _____ C:\zoek-results.log 2015-09-23 22:10 - 2015-09-23 22:10 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2015-09-20 13:25 - 2015-09-20 13:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-20 00:01 - 2015-08-15 21:34 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-09-15 15:13 - 2015-09-24 15:02 - 00000000 ____D 
C:\Users\sony_\AppData\Local\CrashDumps 2015-09-15 15:13 - 2015-09-15 15:13 - 00000000 ____D C:\ProgramData\HP 2015-09-15 15:12 - 2015-09-16 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-09-15 15:11 - 2015-09-15 15:13 - 00000000 ____D C:\Program Files (x86)\HP 2015-09-15 15:09 - 2015-09-16 21:13 - 00000000 ____D C:\Users\sony_\AppData\Local\HP 2015-09-11 21:35 - 2015-09-16 21:12 - 00000000 ____D C:\Windows\system32\GWX 2015-09-08 22:22 - 2015-09-08 23:11 - 00000000 ____D C:\Users\sony_\Desktop\Handy 2015-09-05 22:27 - 2015-09-05 22:27 - 00000000 ____D C:\Users\sony_\AppData\Roaming\Sun 2015-09-05 22:27 - 2015-09-05 22:27 - 00000000 ____D C:\Users\sony_\.oracle_jre_usage 2015-09-05 14:30 - 2015-09-04 19:35 - 01221814 _____ C:\Users\sony_\Desktop\IMG_3533.mp4 2015-09-05 14:28 - 2015-09-08 22:46 - 00000000 ____D C:\Users\sony_\Desktop\Bilder 2015-09-05 13:44 - 2015-09-17 16:46 - 00000000 ____D C:\ProgramData\Apple Computer 2015-09-05 13:44 - 2015-09-05 13:50 - 00000000 ____D C:\Users\sony_\AppData\Roaming\Apple Computer 2015-09-05 13:44 - 2015-09-05 13:44 - 00000000 ____D C:\Users\sony_\AppData\Local\Apple Computer 2015-09-05 13:43 - 2015-09-19 23:56 - 00000000 ____D C:\ProgramData\Apple 2015-09-05 13:43 - 2015-09-05 13:43 - 00000000 ____D C:\Users\sony_\AppData\Local\Apple ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-09-30 20:26 - 2015-07-22 16:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-30 20:12 - 2015-07-22 16:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-30 19:31 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-30 19:31 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-30 19:25 - 2015-07-18 17:59 - 02038122 _____ C:\Windows\WindowsUpdate.log 2015-09-30 18:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-30 18:59 - 2009-07-14 06:51 - 00027862 _____ C:\Windows\setupact.log 2015-09-24 15:28 - 2015-07-24 00:20 - 00000000 ____D C:\AdwCleaner 2015-09-24 15:25 - 2015-07-18 20:39 - 00150532 _____ C:\Windows\PFRO.log 2015-09-24 14:21 - 2015-07-22 16:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-09-23 22:35 - 2003-02-02 05:00 - 01308672 _____ C:\Users\sony_\Desktop\zoek.exe 2015-09-23 22:30 - 2015-07-18 18:37 - 00000000 ____D C:\Update 2015-09-23 22:12 - 2015-07-22 16:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-23 22:12 - 2015-07-22 16:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-23 22:12 - 2015-07-22 16:50 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-23 22:12 - 2015-07-22 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-09-23 22:10 - 2015-07-18 18:36 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation 2015-09-23 22:10 - 2015-07-18 18:27 - 00000000 ____D C:\ProgramData\Sony Corporation 2015-09-23 22:10 - 2015-07-18 18:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-09-20 13:27 - 2009-07-14 19:58 - 00696370 _____ C:\Windows\system32\perfh007.dat 2015-09-20 13:27 - 
2009-07-14 19:58 - 00147634 _____ C:\Windows\system32\perfc007.dat 2015-09-20 13:27 - 2009-07-14 07:13 - 01611160 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-20 00:02 - 2015-07-22 16:02 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-09-19 23:58 - 2015-07-18 18:00 - 00000000 ____D C:\Users\sony_ 2015-09-19 23:57 - 2015-07-18 22:43 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-09-19 23:57 - 2015-07-18 22:43 - 00000000 ____D C:\Windows\system32\appraiser 2015-09-19 23:57 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew 2015-09-19 23:57 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media 2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing 2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-09-19 23:56 - 2015-07-22 16:34 - 00000000 ____D C:\ProgramData\Atheros 2015-09-19 23:56 - 2015-07-22 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-09-19 23:56 - 2015-07-22 15:49 - 00000000 ____D C:\ProgramData\Intel 2015-09-19 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-09-19 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2015-09-19 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-09-19 23:51 - 2015-07-22 16:50 - 00000000 ____D C:\ProgramData\Oracle 2015-09-19 23:18 - 2015-07-18 21:45 - 00000000 ____D C:\Users\sony_\Documents\Bluetooth Folder 2015-09-16 21:39 - 2015-08-30 14:16 - 00000000 ____D C:\Users\sony_\Desktop\BMW E36 2015-09-11 21:31 - 2015-07-18 22:40 - 00000000 ____D C:\Windows\system32\MRT 2015-09-05 14:43 - 2015-08-30 14:14 - 00000000 ____D C:\Users\sony_\Desktop\Mercedes Benz E200 2015-09-05 13:52 - 2015-07-18 17:59 - 01722627 _____ C:\Windows\WindowsUpdate(130).log 
2015-09-01 16:39 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-04 16:53 ==================== Ende von FRST.txt ============================ |
01.10.2015, 16:39 | #4 |
/// the machine /// TB Trainer | After Javaws.exe*32 virus, new *32 programs in Task Manager hi, Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
01.10.2015, 18:27 | #5 |
| After Javaws.exe*32 virus, new *32 programs in Task Manager
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2015.10.01.06
rootkit: v2015.09.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
sony_ :: DANYAL [administrator]

01.10.2015 18:51:56
mbar-log-2015-10-01 (18-51-56).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 357282
Time elapsed: 21 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
19:24:43.0122 0x14f4 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
19:25:20.0798 0x14f4 ============================================================
19:25:20.0798 0x14f4 Current date / time: 2015/10/01 19:25:20.0798
19:25:20.0798 0x14f4 SystemInfo:
19:25:20.0798 0x14f4
19:25:20.0798 0x14f4 OS Version: 6.1.7601 ServicePack: 1.0
19:25:20.0798 0x14f4 Product type: Workstation
19:25:20.0813 0x14f4 ComputerName: DANYAL
19:25:20.0813 0x14f4 UserName: sony_
19:25:20.0813 0x14f4 Windows directory: C:\Windows
19:25:20.0813 0x14f4 System windows directory: C:\Windows
19:25:20.0813 0x14f4 Running under WOW64
19:25:20.0813 0x14f4 Processor architecture: Intel x64
19:25:20.0813 0x14f4 Number of processors: 4
19:25:20.0813 0x14f4 Page size: 0x1000
19:25:20.0813 0x14f4 Boot type: Normal boot
19:25:20.0813 0x14f4 ============================================================
19:25:21.0032 0x14f4 KLMD registered as C:\Windows\system32\drivers\89396259.sys
19:25:21.0391 0x14f4 System UUID: {BDD8C4D9-4AA0-91FE-904D-9F3F7562345B}
19:25:21.0781 0x14f4 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:25:21.0796 0x14f4 ============================================================
19:25:21.0796 0x14f4 \Device\Harddisk0\DR0:
19:25:21.0796 0x14f4 MBR partitions:
19:25:21.0796 0x14f4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:25:21.0796 0x14f4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
19:25:21.0796 0x14f4 ============================================================
19:25:21.0843 0x14f4 C: <-> \Device\Harddisk0\DR0\Partition2
19:25:21.0843 0x14f4 ============================================================
19:25:21.0843 0x14f4 Initialize success
19:25:21.0843 0x14f4 ============================================================
19:25:45.0462 0x0644 ============================================================
19:25:45.0462 0x0644 Scan started
19:25:45.0462 0x0644 Mode: Manual; SigCheck; TDLFS;
19:25:45.0462 0x0644 ============================================================
19:25:45.0462 0x0644 KSN ping started
19:25:47.0880 0x0644 KSN ping finished: true
19:25:48.0410 0x0644 ================ Scan system memory ========================
19:25:48.0410 0x0644 System memory - ok
19:25:48.0410 0x0644 ================ Scan services =============================
C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:25:59.0548 0x0644 clr_optimization_v4.0.30319_64 - ok 19:25:59.0580 0x0644 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:25:59.0595 0x0644 CmBatt - ok 19:25:59.0642 0x0644 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:25:59.0673 0x0644 cmdide - ok 19:25:59.0751 0x0644 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 19:25:59.0782 0x0644 CNG - ok 19:25:59.0907 0x0644 [ 1F394DF3714ED4280047810790E6DF69, 92AD804E0F0559BF76EA8DAE038B4CDE4EBB4C4BD7A53913B714BF936B03B85E ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 19:25:59.0954 0x0644 CnxtHdAudService - ok 19:26:00.0001 0x0644 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:26:00.0032 0x0644 Compbatt - ok 19:26:00.0079 0x0644 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 19:26:00.0094 0x0644 CompositeBus - ok 19:26:00.0110 0x0644 COMSysApp - ok 19:26:00.0126 0x0644 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 19:26:00.0141 0x0644 crcdisk - ok 19:26:00.0204 0x0644 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:26:00.0250 0x0644 CryptSvc - ok 19:26:00.0282 0x0644 [ 
5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 19:26:00.0328 0x0644 DcomLaunch - ok 19:26:00.0375 0x0644 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 19:26:00.0422 0x0644 defragsvc - ok 19:26:00.0469 0x0644 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:26:00.0484 0x0644 DfsC - ok 19:26:00.0531 0x0644 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 19:26:00.0547 0x0644 Dhcp - ok 19:26:00.0672 0x0644 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll 19:26:00.0718 0x0644 DiagTrack - ok 19:26:00.0750 0x0644 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 19:26:00.0781 0x0644 discache - ok 19:26:00.0796 0x0644 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 19:26:00.0796 0x0644 Disk - ok 19:26:00.0843 0x0644 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:26:00.0859 0x0644 Dnscache - ok 19:26:00.0921 0x0644 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 19:26:00.0968 0x0644 dot3svc - ok 19:26:01.0015 0x0644 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 19:26:01.0046 0x0644 DPS - ok 19:26:01.0093 0x0644 [ 
9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:26:01.0124 0x0644 drmkaud - ok 19:26:01.0218 0x0644 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:26:01.0249 0x0644 DXGKrnl - ok 19:26:01.0311 0x0644 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 19:26:01.0374 0x0644 EapHost - ok 19:26:01.0483 0x0644 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 19:26:01.0561 0x0644 ebdrv - ok 19:26:01.0608 0x0644 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe 19:26:01.0608 0x0644 EFS - ok 19:26:01.0717 0x0644 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:26:01.0748 0x0644 ehRecvr - ok 19:26:01.0795 0x0644 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 19:26:01.0810 0x0644 ehSched - ok 19:26:01.0842 0x0644 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 19:26:01.0857 0x0644 elxstor - ok 19:26:01.0904 0x0644 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 19:26:01.0935 0x0644 ErrDev - ok 19:26:02.0013 0x0644 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 19:26:02.0060 0x0644 EventSystem - ok 19:26:02.0091 0x0644 [ 
A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 19:26:02.0122 0x0644 exfat - ok 19:26:02.0138 0x0644 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:26:02.0169 0x0644 fastfat - ok 19:26:02.0263 0x0644 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 19:26:02.0294 0x0644 Fax - ok 19:26:02.0325 0x0644 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 19:26:02.0341 0x0644 fdc - ok 19:26:02.0372 0x0644 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 19:26:02.0403 0x0644 fdPHost - ok 19:26:02.0403 0x0644 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 19:26:02.0434 0x0644 FDResPub - ok 19:26:02.0450 0x0644 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:26:02.0466 0x0644 FileInfo - ok 19:26:02.0466 0x0644 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:26:02.0497 0x0644 Filetrace - ok 19:26:02.0512 0x0644 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 19:26:02.0528 0x0644 flpydisk - ok 19:26:02.0575 0x0644 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:26:02.0590 0x0644 FltMgr - ok 
19:26:02.0653 0x0644 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll 19:26:02.0684 0x0644 FontCache - ok 19:26:02.0762 0x0644 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:26:02.0778 0x0644 FontCache3.0.0.0 - ok 19:26:02.0809 0x0644 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:26:02.0824 0x0644 FsDepends - ok 19:26:02.0871 0x0644 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:26:02.0887 0x0644 Fs_Rec - ok 19:26:02.0949 0x0644 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:26:02.0965 0x0644 fvevol - ok 19:26:02.0980 0x0644 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 19:26:02.0996 0x0644 gagp30kx - ok 19:26:03.0074 0x0644 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 19:26:03.0121 0x0644 gpsvc - ok 19:26:03.0136 0x0644 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 19:26:03.0152 0x0644 hcw85cir - ok 19:26:03.0199 0x0644 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 19:26:03.0214 0x0644 HdAudAddService - ok 19:26:03.0246 0x0644 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 
3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 19:26:03.0261 0x0644 HDAudBus - ok 19:26:03.0277 0x0644 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 19:26:03.0292 0x0644 HidBatt - ok 19:26:03.0292 0x0644 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 19:26:03.0308 0x0644 HidBth - ok 19:26:03.0324 0x0644 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 19:26:03.0339 0x0644 HidIr - ok 19:26:03.0355 0x0644 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 19:26:03.0386 0x0644 hidserv - ok 19:26:03.0433 0x0644 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 19:26:03.0464 0x0644 HidUsb - ok 19:26:03.0526 0x0644 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:26:03.0558 0x0644 hkmsvc - ok 19:26:03.0604 0x0644 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:26:03.0636 0x0644 HomeGroupListener - ok 19:26:03.0682 0x0644 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:26:03.0698 0x0644 HomeGroupProvider - ok 19:26:03.0714 0x0644 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:26:03.0729 0x0644 HpSAMD - ok 
19:26:03.0792 0x0644 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:26:03.0823 0x0644 HTTP - ok 19:26:03.0870 0x0644 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:26:03.0885 0x0644 hwpolicy - ok 19:26:03.0916 0x0644 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 19:26:03.0932 0x0644 i8042prt - ok 19:26:03.0979 0x0644 [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 19:26:03.0994 0x0644 iaStor - ok 19:26:04.0088 0x0644 [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 19:26:04.0088 0x0644 IAStorDataMgrSvc - ok 19:26:04.0135 0x0644 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:26:04.0166 0x0644 iaStorV - ok 19:26:04.0306 0x0644 [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 19:26:04.0353 0x0644 IconMan_R - ok 19:26:04.0462 0x0644 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:26:04.0494 0x0644 idsvc - ok 19:26:04.0494 0x0644 IEEtwCollectorService - ok 19:26:04.0868 0x0644 [ EFE5A0AF39A8E179624117C521F1E012, 185BB1106E42256A6E7C63B09737A7059DD14DEA7C1D85ADF66C50D63CFDA556 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 
19:26:05.0118 0x0644 igfx - ok 19:26:05.0164 0x0644 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 19:26:05.0196 0x0644 iirsp - ok 19:26:05.0274 0x0644 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 19:26:05.0305 0x0644 IKEEXT - ok 19:26:05.0367 0x0644 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 19:26:05.0383 0x0644 IntcDAud - ok 19:26:05.0383 0x0644 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 19:26:05.0398 0x0644 intelide - ok 19:26:05.0445 0x0644 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:26:05.0492 0x0644 intelppm - ok 19:26:05.0539 0x0644 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:26:05.0586 0x0644 IPBusEnum - ok 19:26:05.0617 0x0644 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:26:05.0648 0x0644 IpFilterDriver - ok 19:26:05.0695 0x0644 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:26:05.0726 0x0644 iphlpsvc - ok 19:26:05.0757 0x0644 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:26:05.0788 0x0644 IPMIDRV - ok 19:26:05.0820 0x0644 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 
67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:26:05.0851 0x0644 IPNAT - ok 19:26:05.0882 0x0644 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:26:05.0898 0x0644 IRENUM - ok 19:26:05.0929 0x0644 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:26:05.0929 0x0644 isapnp - ok 19:26:05.0991 0x0644 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:26:06.0022 0x0644 iScsiPrt - ok 19:26:06.0069 0x0644 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 19:26:06.0100 0x0644 kbdclass - ok 19:26:06.0132 0x0644 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 19:26:06.0147 0x0644 kbdhid - ok 19:26:06.0178 0x0644 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe 19:26:06.0194 0x0644 KeyIso - ok 19:26:06.0225 0x0644 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:26:06.0241 0x0644 KSecDD - ok 19:26:06.0241 0x0644 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:26:06.0256 0x0644 KSecPkg - ok 19:26:06.0272 0x0644 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:26:06.0303 0x0644 ksthunk - ok 19:26:06.0334 0x0644 
[ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 19:26:06.0366 0x0644 KtmRm - ok 19:26:06.0428 0x0644 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 19:26:06.0490 0x0644 LanmanServer - ok 19:26:06.0522 0x0644 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:26:06.0584 0x0644 LanmanWorkstation - ok 19:26:06.0631 0x0644 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:26:06.0662 0x0644 lltdio - ok 19:26:06.0678 0x0644 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:26:06.0709 0x0644 lltdsvc - ok 19:26:06.0709 0x0644 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:26:06.0740 0x0644 lmhosts - ok 19:26:06.0787 0x0644 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 19:26:06.0802 0x0644 LSI_FC - ok 19:26:06.0818 0x0644 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 19:26:06.0834 0x0644 LSI_SAS - ok 19:26:06.0834 0x0644 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:26:06.0849 0x0644 LSI_SAS2 - ok 19:26:06.0880 0x0644 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 
19:26:06.0880 0x0644 LSI_SCSI - ok 19:26:06.0912 0x0644 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 19:26:06.0943 0x0644 luafv - ok 19:26:07.0052 0x0644 [ 8A7F33C3B8D9FCAA69803E3DE05BE216, D8504A752D3F74A5BEF7B250AD00B481591DC854C9A019C6A87C606C165B27B6 ] McComponentHostServiceSony C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe 19:26:07.0083 0x0644 McComponentHostServiceSony - ok 19:26:07.0130 0x0644 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:26:07.0146 0x0644 Mcx2Svc - ok 19:26:07.0161 0x0644 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 19:26:07.0177 0x0644 megasas - ok 19:26:07.0192 0x0644 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 19:26:07.0208 0x0644 MegaSR - ok 19:26:07.0224 0x0644 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 19:26:07.0239 0x0644 MEIx64 - ok 19:26:07.0255 0x0644 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 19:26:07.0286 0x0644 MMCSS - ok 19:26:07.0317 0x0644 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 19:26:07.0333 0x0644 Modem - ok 19:26:07.0348 0x0644 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:26:07.0364 0x0644 monitor - ok 19:26:07.0411 0x0644 [ 7D27EA49F3C1F687D357E77A470AEA99, 
7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:26:07.0442 0x0644 mouclass - ok 19:26:07.0473 0x0644 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:26:07.0489 0x0644 mouhid - ok 19:26:07.0536 0x0644 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:26:07.0567 0x0644 mountmgr - ok 19:26:07.0660 0x0644 [ 6215DA3AD492CFBEBEE2ADBED0A6CC22, 07B290B58EF722825D50AF97E10B7098A2118B3F335E1FFF8F9E5E9AF7A0A6CE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 19:26:07.0692 0x0644 MozillaMaintenance - ok 19:26:07.0738 0x0644 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 19:26:07.0754 0x0644 mpio - ok 19:26:07.0770 0x0644 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:26:07.0801 0x0644 mpsdrv - ok 19:26:07.0863 0x0644 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:26:07.0894 0x0644 MpsSvc - ok 19:26:07.0941 0x0644 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:26:07.0957 0x0644 MRxDAV - ok 19:26:08.0004 0x0644 [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:26:08.0019 0x0644 mrxsmb - ok 19:26:08.0019 0x0644 [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 
C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:26:08.0035 0x0644 mrxsmb10 - ok 19:26:08.0050 0x0644 [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:26:08.0066 0x0644 mrxsmb20 - ok 19:26:08.0097 0x0644 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 19:26:08.0128 0x0644 msahci - ok 19:26:08.0160 0x0644 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:26:08.0175 0x0644 msdsm - ok 19:26:08.0191 0x0644 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 19:26:08.0206 0x0644 MSDTC - ok 19:26:08.0238 0x0644 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:26:08.0269 0x0644 Msfs - ok 19:26:08.0300 0x0644 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:26:08.0316 0x0644 mshidkmdf - ok 19:26:08.0362 0x0644 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:26:08.0362 0x0644 msisadrv - ok 19:26:08.0394 0x0644 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:26:08.0425 0x0644 MSiSCSI - ok 19:26:08.0425 0x0644 msiserver - ok 19:26:08.0440 0x0644 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:26:08.0472 0x0644 MSKSSRV - ok 19:26:08.0472 0x0644 [ BDD71ACE35A232104DDD349EE70E1AB3, 
19:26:18.0097 0x0644 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:26:18.0128 0x0644 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
19:26:20.0608 0x0644 Detect skipped due to KSN trusted
19:26:20.0608 0x0644 USBAAPL64 - ok
ok 19:26:24.0056 0x0644 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:26:24.0072 0x0644 WPDBusEnum - ok 19:26:24.0087 0x0644 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:26:24.0118 0x0644 ws2ifsl - ok 19:26:24.0134 0x0644 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 19:26:24.0150 0x0644 wscsvc - ok 19:26:24.0150 0x0644 WSearch - ok 19:26:24.0290 0x0644 [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll 19:26:24.0352 0x0644 wuauserv - ok 19:26:24.0384 0x0644 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:26:24.0415 0x0644 WudfPf - ok 19:26:24.0477 0x0644 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:26:24.0493 0x0644 WUDFRd - ok 19:26:24.0524 0x0644 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:26:24.0540 0x0644 wudfsvc - ok 19:26:24.0586 0x0644 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 19:26:24.0633 0x0644 WwanSvc - ok 19:26:24.0664 0x0644 ================ Scan global =============================== 19:26:24.0696 0x0644 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 19:26:24.0727 0x0644 [ 2313AF8D5A9CEB4A55400A01DD311A95, 
A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll 19:26:24.0742 0x0644 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll 19:26:24.0774 0x0644 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 19:26:24.0836 0x0644 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 19:26:24.0852 0x0644 [ Global ] - ok 19:26:24.0852 0x0644 ================ Scan MBR ================================== 19:26:24.0867 0x0644 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 19:26:25.0117 0x0644 \Device\Harddisk0\DR0 - ok 19:26:25.0117 0x0644 ================ Scan VBR ================================== 19:26:25.0117 0x0644 [ 29063DD5C662E2ED13D9E50E55995720 ] \Device\Harddisk0\DR0\Partition1 19:26:25.0117 0x0644 \Device\Harddisk0\DR0\Partition1 - ok 19:26:25.0132 0x0644 [ 67F0AB30BC10412AAA329E11E9613D90 ] \Device\Harddisk0\DR0\Partition2 19:26:25.0132 0x0644 \Device\Harddisk0\DR0\Partition2 - ok 19:26:25.0132 0x0644 ================ Scan generic autorun ====================== 19:26:25.0132 0x0644 Apoint - ok 19:26:25.0179 0x0644 [ F3D6BB4A1438BA85CFA53037BB46A17F, A85052121EC3788849F4C8FEB10DB10FB65C00C0CC841E1B58C56F2F8F413E5B ] C:\Windows\system32\igfxtray.exe 19:26:25.0210 0x0644 IgfxTray - ok 19:26:25.0226 0x0644 [ 6AC7F2CCB2BE55670CD907507D8B9F11, 12E53954A898F5A42ECA6B6476655751D6135D596BBB55BB3FFF8D4D0C64BC14 ] C:\Windows\system32\hkcmd.exe 19:26:25.0242 0x0644 HotKeysCmds - ok 19:26:25.0257 0x0644 [ BDEDDD060A654205F155C94D7DECD936, 96FF8637582F00AC9CCE20126249459081E26E9E99C20EBDE261E045907EBA52 ] C:\Windows\system32\igfxpers.exe 19:26:25.0273 0x0644 Persistence - ok 19:26:25.0382 0x0644 [ B055BE4B6D723FBB68D1FC4611C7D332, 
2B32189994CF8AB54C9F8575CED866138C1CC26F2FECE78F3E6B5C63EBF2AB14 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe 19:26:25.0398 0x0644 AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 ) 19:26:27.0831 0x0644 Detect skipped due to KSN trusted 19:26:27.0831 0x0644 AtherosBtStack - ok 19:26:27.0909 0x0644 [ 6144904300988F59D6775C0A7D200C16, 223247E5718580482D5E5EBDD74938B32C13D12584BEF9C2E9A4173C52CEC2C1 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe 19:26:27.0940 0x0644 AthBtTray - detected UnsignedFile.Multi.Generic ( 1 ) 19:26:30.0358 0x0644 Detect skipped due to KSN trusted 19:26:30.0358 0x0644 AthBtTray - ok 19:26:30.0421 0x0644 [ 7D1B808410A734E427A229B31EAE8891, 36BB31B9119062A53D2AB6CCBFF820D8195776836D84AF7008CE1F18D2519009 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe 19:26:30.0452 0x0644 cAudioFilterAgent - ok 19:26:30.0686 0x0644 [ F66203AF9C159E2CBD54DF981654F499, C28A7E3D4BB50F14D40C3AE9D1267D11015381A9615663BAAAB6C0084A72E607 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 19:26:30.0811 0x0644 AvastUI.exe - ok 19:26:30.0936 0x0644 [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 19:26:30.0967 0x0644 IAStorIcon - ok 19:26:31.0076 0x0644 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 19:26:31.0123 0x0644 Sidebar - ok 19:26:31.0138 0x0644 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 19:26:31.0154 0x0644 mctadmin - ok 19:26:31.0185 0x0644 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 19:26:31.0216 0x0644 Sidebar - ok 19:26:31.0216 0x0644 [ 0FA760BF380B08D0B67B5507CD8B32AA, 
0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 19:26:31.0232 0x0644 mctadmin - ok 19:26:31.0310 0x0644 BingSvc - ok 19:26:31.0310 0x0644 Waiting for KSN requests completion. In queue: 73 19:26:31.0404 0x13f0 Object required for P2P: [ AA3E844A2595B1AA5825C70CA50D963E ] wuauserv 19:26:32.0324 0x0644 Waiting for KSN requests completion. In queue: 15 19:26:33.0338 0x0644 Waiting for KSN requests completion. In queue: 15 19:26:33.0962 0x13f0 Object send P2P result: true 19:26:34.0383 0x0644 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41000 ( enabled : updated ) 19:26:34.0383 0x0644 Win FW state via NFP2: enabled ( trusted ) 19:26:36.0832 0x0644 ============================================================ 19:26:36.0832 0x0644 Scan finished 19:26:36.0832 0x0644 ============================================================ 19:26:36.0848 0x03a4 Detected object count: 0 19:26:36.0848 0x03a4 Actual detected object count: 0 |
02.10.2015, 16:02 | #6 |
/// the machine /// TB Trainer | No, those were only scans for rootkits. There is adware on it. The *32 is normal; it only means these are 32-bit processes, since you have a 64-bit Windows. Scan with ComboFix |
02.10.2015, 19:30 | #7 |
| Code:
ComboFix 15-10-01.01 - sony_ 02.10.2015 20:16:48.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8140.6071 [GMT 2:00]
ausgeführt von:: c:\users\sony_\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
Zeit der Fertigstellung: 2015-10-02 20:20:44 ComboFix-quarantined-files.txt 2015-10-02 18:20 ComboFix2.txt 2015-10-02 18:14 . Vor Suchlauf: 15 Verzeichnis(se), 268.052.881.408 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 267.990.794.240 Bytes frei . - - End Of File - - 1CC0A674BF9B1412BFAE38E466CD149A
A quick question about reading the log files: how do you actually tell that there is adware on it? |
03.10.2015, 09:55 | #8 |
| New *32 programs in Task Manager after javaws.exe*32 virus Hello, I made a pretty stupid mistake. I had left the laptop unattended while ComboFix was running, and in the meantime my girlfriend was on it and did not turn the virus scanner on. NOW TDSSKiller has found 5 viruses. Code:
ATTFilter 10:49:07.0068 0x0bf0 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57 10:49:09.0189 0x0bf0 ============================================================ 10:49:09.0189 0x0bf0 Current date / time: 2015/10/03 10:49:09.0189 10:49:09.0189 0x0bf0 SystemInfo: 10:49:09.0189 0x0bf0 10:49:09.0189 0x0bf0 OS Version: 6.1.7601 ServicePack: 1.0 10:49:09.0189 0x0bf0 Product type: Workstation 10:49:09.0189 0x0bf0 ComputerName: DANYAL 10:49:09.0189 0x0bf0 UserName: sony_ 10:49:09.0189 0x0bf0 Windows directory: C:\Windows 10:49:09.0189 0x0bf0 System windows directory: C:\Windows 10:49:09.0189 0x0bf0 Running under WOW64 10:49:09.0189 0x0bf0 Processor architecture: Intel x64 10:49:09.0189 0x0bf0 Number of processors: 4 10:49:09.0189 0x0bf0 Page size: 0x1000 10:49:09.0189 0x0bf0 Boot type: Normal boot 10:49:09.0189 0x0bf0 ============================================================ 10:49:09.0283 0x0bf0 KLMD registered as C:\Windows\system32\drivers\70808076.sys 10:49:09.0611 0x0bf0 System UUID: {BDD8C4D9-4AA0-91FE-904D-9F3F7562345B} 10:49:09.0923 0x0bf0 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:49:09.0938 0x0bf0 ============================================================ 10:49:09.0938 0x0bf0 \Device\Harddisk0\DR0: 10:49:09.0938 0x0bf0 MBR partitions: 10:49:09.0938 0x0bf0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 10:49:09.0938 0x0bf0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800 10:49:09.0938 0x0bf0 ============================================================ 10:49:09.0969 0x0bf0 C: <-> \Device\Harddisk0\DR0\Partition2 10:49:09.0969 0x0bf0 ============================================================ 10:49:09.0969 0x0bf0 Initialize success 10:49:09.0969 0x0bf0 ============================================================ 10:49:10.0890 0x05c0 
============================================================ 10:49:10.0890 0x05c0 Scan started 10:49:10.0890 0x05c0 Mode: Manual; 10:49:10.0890 0x05c0 ============================================================ 10:49:10.0890 0x05c0 KSN ping started 10:49:10.0937 0x05c0 KSN ping finished: false 10:49:11.0529 0x05c0 ================ Scan system memory ======================== 10:49:11.0529 0x05c0 System memory - ok 10:49:11.0529 0x05c0 ================ Scan services ============================= 10:49:11.0748 0x05c0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 10:49:11.0763 0x05c0 1394ohci - ok 10:49:11.0935 0x05c0 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 10:49:11.0951 0x05c0 ACDaemon - ok 10:49:11.0951 0x05c0 Scan was interrupted by user! 10:49:11.0951 0x05c0 Waiting for KSN requests completion. In queue: 2 10:49:13.0011 0x05c0 AV detected via SS2: avast! 
Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x42000 ( disabled : updated ) 10:49:13.0027 0x05c0 Win FW state via NFP2: enabled ( trusted ) 10:49:13.0043 0x05c0 ============================================================ 10:49:13.0043 0x05c0 Scan finished 10:49:13.0043 0x05c0 ============================================================ 10:49:13.0058 0x0578 Detected object count: 0 10:49:13.0058 0x0578 Actual detected object count: 0 10:49:17.0005 0x1180 ============================================================ 10:49:17.0005 0x1180 Scan started 10:49:17.0005 0x1180 Mode: Manual; SigCheck; TDLFS; 10:49:17.0005 0x1180 ============================================================ 10:49:17.0005 0x1180 KSN ping started 10:49:17.0067 0x1180 KSN ping finished: false 10:49:17.0364 0x1180 ================ Scan system memory ======================== 10:49:17.0364 0x1180 System memory - ok 10:49:17.0364 0x1180 ================ Scan services ============================= 10:49:17.0520 0x1180 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 10:49:17.0598 0x1180 1394ohci - ok 10:49:17.0707 0x1180 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 10:49:17.0738 0x1180 ACDaemon - ok 10:49:17.0801 0x1180 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 10:49:17.0832 0x1180 ACPI - ok 10:49:17.0863 0x1180 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 10:49:17.0894 0x1180 AcpiPmi - ok 10:49:18.0066 0x1180 [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] 
AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 10:49:18.0097 0x1180 AdobeFlashPlayerUpdateSvc - ok 10:49:18.0159 0x1180 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 10:49:18.0206 0x1180 adp94xx - ok 10:49:18.0222 0x1180 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 10:49:18.0237 0x1180 adpahci - ok 10:49:18.0253 0x1180 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 10:49:18.0253 0x1180 adpu320 - ok 10:49:18.0300 0x1180 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 10:49:18.0315 0x1180 AeLookupSvc - ok 10:49:18.0409 0x1180 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 10:49:18.0440 0x1180 AFD - ok 10:49:18.0487 0x1180 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 10:49:18.0503 0x1180 agp440 - ok 10:49:18.0534 0x1180 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 10:49:18.0581 0x1180 ALG - ok 10:49:18.0643 0x1180 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 10:49:18.0643 0x1180 aliide - ok 10:49:18.0659 0x1180 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 10:49:18.0659 0x1180 amdide - ok 10:49:18.0674 0x1180 [ 
7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 10:49:18.0705 0x1180 AmdK8 - ok 10:49:18.0721 0x1180 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 10:49:18.0737 0x1180 AmdPPM - ok 10:49:18.0783 0x1180 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 10:49:18.0815 0x1180 amdsata - ok 10:49:18.0830 0x1180 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 10:49:18.0846 0x1180 amdsbs - ok 10:49:18.0861 0x1180 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 10:49:18.0861 0x1180 amdxata - ok 10:49:18.0924 0x1180 [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38, 916CA4FE1899609AB36E66CB90D69EC487C1913C9C542760564BCFFF1B6E8070 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys 10:49:18.0939 0x1180 ApfiltrService - ok 10:49:19.0002 0x1180 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys 10:49:19.0049 0x1180 AppID - ok 10:49:19.0080 0x1180 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll 10:49:19.0111 0x1180 AppIDSvc - ok 10:49:19.0142 0x1180 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll 10:49:19.0189 0x1180 Appinfo - ok 10:49:19.0251 0x1180 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 10:49:19.0283 0x1180 
arc - ok 10:49:19.0283 0x1180 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 10:49:19.0298 0x1180 arcsas - ok 10:49:19.0407 0x1180 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 10:49:19.0423 0x1180 aspnet_state - ok 10:49:19.0485 0x1180 [ 30E7D7B63BE378C6DCD31434E1C5EBEB, 6F38FBD6B45506E57D4EC6C84C83F0829F280167E14B65643F583B41AA23C18B ] aswHwid C:\Windows\system32\drivers\aswHwid.sys 10:49:19.0501 0x1180 aswHwid - ok 10:49:19.0532 0x1180 [ 6C3B7781075271AD9DFBD77BC7FBB9F7, AC53FD0EE1D7695219225440D3922EEF0B953F45F0ED3034CF5F1630A6B40607 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 10:49:19.0548 0x1180 aswMonFlt - ok 10:49:19.0563 0x1180 [ 3C04B80B49697EB7DFE5FA43620F8728, 4BC11901898348318BA807938BEA888BC54FE80ADA17C209C728F14EA4E91F21 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys 10:49:19.0579 0x1180 aswRdr - ok 10:49:19.0626 0x1180 [ AA8CB23B3B4A4B16F49CB54CA04FE0D9, A94D214B43EDAEC52656EA36C2A830E76C40B90E8F4BABEF4F16BA679A429586 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 10:49:19.0641 0x1180 aswRvrt - ok 10:49:19.0751 0x1180 [ E40965585B901AA60AF26279E09959E0, F3EACB4F1E78903D648DE75CC01642BFACA76C0605A6831EC24201292891B5DE ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 10:49:19.0797 0x1180 aswSnx - ok 10:49:19.0844 0x1180 [ B54E400C1B044D6D7D9EF95BA865741E, C929B53F53EFD15D3EE64FED23686A01F77E8F7BC74623D02D10D4CFEC3D6BF2 ] aswSP C:\Windows\system32\drivers\aswSP.sys 10:49:19.0860 0x1180 aswSP - ok 10:49:19.0922 0x1180 [ 0652346DF90731A87E4C7C9A9C45A8E0, 38B8A760B532254A8CB2FD6B922269A1B96BB5E5F243D130B4BBD09ED50DEDB8 ] aswStm C:\Windows\system32\drivers\aswStm.sys 10:49:19.0953 0x1180 aswStm - ok 10:49:19.0985 0x1180 [ 54230972D23E6E4D034D7CB577DC784C, 
7F51E81CBAFB143982AF2C68675CF0D46DD17A9A17A8805EBF628FAE84DFF8A9 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 10:49:20.0000 0x1180 aswVmm - ok 10:49:20.0031 0x1180 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 10:49:20.0078 0x1180 AsyncMac - ok 10:49:20.0109 0x1180 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 10:49:20.0141 0x1180 atapi - ok 10:49:20.0172 0x1180 [ 50F257E19554421B6891E3F998EDCA90, 32D368632B714864D77C700B1115F4404EAA72C5F734BF6A2B96F48C3935A5D9 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys 10:49:20.0219 0x1180 AthBTPort - ok 10:49:20.0265 0x1180 [ 4119870B90E1B5E7797D6433D21F9216, 5CDA3748A6C89B1046173F20D857D164F4170A5028370B5BB9843212CEA86C8F ] ATHDFU C:\Windows\system32\Drivers\AthDfu.sys 10:49:20.0312 0x1180 ATHDFU - ok 10:49:20.0390 0x1180 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF, 99AD83993D724538687F084318404DBF314C2249AB593AF9DD3783B0AB6B3B25 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe 10:49:20.0406 0x1180 Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 ) 10:49:20.0484 0x1180 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning 10:49:20.0531 0x1180 [ EBC3119394C9074A9CD87578A435050D, 4AE141D02DDE33574CC899BBEDCCC311867FB98CEDBB3E556409B018F8F795E5 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe 10:49:20.0546 0x1180 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 ) 10:49:20.0546 0x1180 AtherosSvc ( UnsignedFile.Multi.Generic ) - warning 10:49:20.0546 0x1180 Force sending object to P2P due to detect: AtherosSvc 10:49:20.0546 0x1180 Object send P2P result: false 10:49:20.0702 0x1180 [ A5E770426D18F8EF332A593F3289DA91, 87AC97758618765814B630CB1A189CD690DC6B0EAAE93D80EDE7771FB362C9AF ] athr C:\Windows\system32\DRIVERS\athrx.sys 
10:49:20.0765 0x1180 athr - ok 10:49:20.0936 0x1180 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 10:49:20.0983 0x1180 AudioEndpointBuilder - ok 10:49:20.0999 0x1180 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 10:49:21.0030 0x1180 AudioSrv - ok 10:49:21.0123 0x1180 [ 4956380A54B1C9E6BFDF3D80DACB9698, 0B0F9807EEF0F3BFE4F862876633D241DBA8F72A1373445976FF388678C4734C ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 10:49:21.0170 0x1180 avast! Antivirus - ok 10:49:21.0233 0x1180 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 10:49:21.0279 0x1180 AxInstSV - ok 10:49:21.0326 0x1180 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 10:49:21.0342 0x1180 b06bdrv - ok 10:49:21.0389 0x1180 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 10:49:21.0404 0x1180 b57nd60a - ok 10:49:21.0451 0x1180 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 10:49:21.0467 0x1180 BDESVC - ok 10:49:21.0482 0x1180 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 10:49:21.0529 0x1180 Beep - ok 10:49:21.0623 0x1180 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 10:49:21.0669 0x1180 BFE - ok 10:49:21.0888 0x1180 [ 1EA7969E3271CBC59E1730697DC74682, 
D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll 10:49:21.0950 0x1180 BITS - ok 10:49:22.0013 0x1180 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 10:49:22.0122 0x1180 blbdrive - ok 10:49:22.0231 0x1180 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 10:49:22.0434 0x1180 bowser - ok 10:49:22.0496 0x1180 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 10:49:22.0527 0x1180 BrFiltLo - ok 10:49:22.0527 0x1180 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 10:49:22.0559 0x1180 BrFiltUp - ok 10:49:22.0574 0x1180 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 10:49:22.0621 0x1180 BridgeMP - ok 10:49:22.0683 0x1180 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 10:49:22.0730 0x1180 Browser - ok 10:49:22.0746 0x1180 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 10:49:22.0793 0x1180 Brserid - ok 10:49:22.0793 0x1180 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 10:49:22.0808 0x1180 BrSerWdm - ok 10:49:22.0824 0x1180 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 10:49:22.0839 0x1180 BrUsbMdm - ok 
10:49:22.0839 0x1180 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 10:49:22.0839 0x1180 BrUsbSer - ok 10:49:22.0902 0x1180 [ B3BCD755FA9A359D10208CC9F09847CC, 8DE11815A2C76051DFF0F68BC8CF38CADD7BCA3A75EED4CC03B38DEB9F658296 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys 10:49:22.0933 0x1180 BTATH_A2DP - ok 10:49:22.0949 0x1180 [ 9BBBA9D6DBDEFC8A6542BC7A6EBAF710, EE6932310F97F9DC07F8EC66B3939BA73FF8B7C7B9D84CE9852C85B770681A60 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys 10:49:22.0964 0x1180 btath_avdt - ok 10:49:22.0995 0x1180 [ D838DD1BCB328EFCFAD7A52DE9E3CAFD, A364C50240069D7606119E4FD3BC839F307947F680295C3A68AE1CE42B9A6108 ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys 10:49:23.0011 0x1180 BTATH_BUS - ok 10:49:23.0042 0x1180 [ A441B800E04CF8443FAF519207563ABB, AAA865453E000B38D4DCCB435731F3843394FFA224F577B88DBBB31256F1BC39 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys 10:49:23.0073 0x1180 BTATH_HCRP - ok 10:49:23.0089 0x1180 [ B16F8429A35BBA2A8EF9DB2E08675B97, B38952519A8AC2E0A211F685CB4AC453AA2885AA0DA39DBF92CE61FE649BC309 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys 10:49:23.0089 0x1180 BTATH_LWFLT - ok 10:49:23.0105 0x1180 [ C24231C6BDFE21735930084A22089AAB, DF5104AC26A8D3E1C204D479F32204FE66B225DBA7EFDAC7149A02D0B5CEB714 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys 10:49:23.0136 0x1180 BTATH_RCP - ok 10:49:23.0198 0x1180 [ 3632FA4C6B3CE9EC827690DEAC266D8C, 46D34968DA1BE0D793518506D4FCA094C3F15ACF530DB3660C7CD6ECCBF3C1BD ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys 10:49:23.0245 0x1180 BtFilter - ok 10:49:23.0292 0x1180 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 10:49:23.0323 0x1180 BthEnum - ok 10:49:23.0354 0x1180 [ 9DA669F11D1F894AB4EB69BF546A42E8, 
B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 10:49:23.0401 0x1180 BTHMODEM - ok 10:49:23.0432 0x1180 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 10:49:23.0463 0x1180 BthPan - ok 10:49:23.0495 0x1180 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 10:49:23.0541 0x1180 BTHPORT - ok 10:49:23.0588 0x1180 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 10:49:23.0666 0x1180 bthserv - ok 10:49:23.0682 0x1180 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 10:49:23.0713 0x1180 BTHUSB - ok 10:49:23.0729 0x1180 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:49:23.0791 0x1180 cdfs - ok 10:49:23.0838 0x1180 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 10:49:23.0869 0x1180 cdrom - ok 10:49:23.0916 0x1180 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 10:49:23.0963 0x1180 CertPropSvc - ok 10:49:23.0978 0x1180 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 10:49:24.0009 0x1180 circlass - ok 10:49:24.0025 0x1180 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 10:49:24.0041 0x1180 CLFS - ok 10:49:24.0119 0x1180 [ 
F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:49:24.0150 0x1180 clr_optimization_v2.0.50727_32 - ok 10:49:24.0212 0x1180 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:49:24.0243 0x1180 clr_optimization_v2.0.50727_64 - ok 10:49:24.0353 0x1180 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:49:24.0384 0x1180 clr_optimization_v4.0.30319_32 - ok 10:49:24.0431 0x1180 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:49:24.0446 0x1180 clr_optimization_v4.0.30319_64 - ok 10:49:24.0493 0x1180 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 10:49:24.0509 0x1180 CmBatt - ok 10:49:24.0555 0x1180 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:49:24.0571 0x1180 cmdide - ok 10:49:24.0649 0x1180 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 10:49:24.0696 0x1180 CNG - ok 10:49:24.0805 0x1180 [ 1F394DF3714ED4280047810790E6DF69, 92AD804E0F0559BF76EA8DAE038B4CDE4EBB4C4BD7A53913B714BF936B03B85E ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys 10:49:24.0852 0x1180 CnxtHdAudService - ok 10:49:24.0883 0x1180 [ 102DE219C3F61415F964C88E9085AD14, 
CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 10:49:24.0899 0x1180 Compbatt - ok 10:49:24.0945 0x1180 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 10:49:24.0961 0x1180 CompositeBus - ok 10:49:24.0977 0x1180 COMSysApp - ok 10:49:24.0992 0x1180 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 10:49:24.0992 0x1180 crcdisk - ok 10:49:25.0070 0x1180 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:49:25.0101 0x1180 CryptSvc - ok 10:49:25.0148 0x1180 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:49:25.0226 0x1180 DcomLaunch - ok 10:49:25.0257 0x1180 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:49:25.0273 0x1180 defragsvc - ok 10:49:25.0335 0x1180 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:49:25.0413 0x1180 DfsC - ok 10:49:25.0476 0x1180 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:49:25.0507 0x1180 Dhcp - ok 10:49:25.0616 0x1180 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll 10:49:25.0679 0x1180 DiagTrack - ok 10:49:25.0710 0x1180 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 
10:49:25.0788 0x1180 discache - ok 10:49:25.0850 0x1180 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 10:49:25.0881 0x1180 Disk - ok 10:49:25.0928 0x1180 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:49:25.0959 0x1180 Dnscache - ok 10:49:26.0006 0x1180 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:49:26.0069 0x1180 dot3svc - ok 10:49:26.0115 0x1180 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:49:26.0147 0x1180 DPS - ok 10:49:26.0193 0x1180 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:49:26.0225 0x1180 drmkaud - ok 10:49:26.0303 0x1180 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:49:26.0334 0x1180 DXGKrnl - ok 10:49:26.0365 0x1180 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:49:26.0396 0x1180 EapHost - ok 10:49:26.0490 0x1180 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 10:49:26.0552 0x1180 ebdrv - ok 10:49:26.0599 0x1180 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe 10:49:26.0615 0x1180 EFS - ok 10:49:26.0724 0x1180 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 10:49:26.0755 0x1180 
ehRecvr - ok 10:49:26.0786 0x1180 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 10:49:26.0817 0x1180 ehSched - ok 10:49:26.0864 0x1180 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 10:49:26.0880 0x1180 elxstor - ok 10:49:26.0911 0x1180 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 10:49:26.0927 0x1180 ErrDev - ok 10:49:26.0973 0x1180 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 10:49:27.0020 0x1180 EventSystem - ok 10:49:27.0036 0x1180 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 10:49:27.0083 0x1180 exfat - ok 10:49:27.0083 0x1180 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 10:49:27.0130 0x1180 fastfat - ok 10:49:27.0223 0x1180 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 10:49:27.0254 0x1180 Fax - ok 10:49:27.0270 0x1180 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 10:49:27.0286 0x1180 fdc - ok 10:49:27.0317 0x1180 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 10:49:27.0332 0x1180 fdPHost - ok 10:49:27.0348 0x1180 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 10:49:27.0379 0x1180 
ok 10:49:40.0795 0x1180 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 10:49:40.0811 0x1180 sffp_sd - ok 10:49:40.0826 0x1180 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 10:49:40.0858 0x1180 sfloppy - ok 10:49:40.0889 0x1180 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:49:40.0920 0x1180 SharedAccess - ok 10:49:40.0967 0x1180 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:49:41.0014 0x1180 ShellHWDetection - ok 10:49:41.0045 0x1180 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 10:49:41.0060 0x1180 SiSRaid2 - ok 10:49:41.0076 0x1180 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 10:49:41.0092 0x1180 SiSRaid4 - ok 10:49:41.0107 0x1180 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 10:49:41.0138 0x1180 Smb - ok 10:49:41.0170 0x1180 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:49:41.0185 0x1180 SNMPTRAP - ok 10:49:41.0201 0x1180 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 10:49:41.0201 0x1180 spldr - ok 10:49:41.0279 0x1180 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler 
C:\Windows\System32\spoolsv.exe 10:49:41.0294 0x1180 Spooler - ok 10:49:41.0450 0x1180 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 10:49:41.0544 0x1180 sppsvc - ok 10:49:41.0591 0x1180 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 10:49:41.0638 0x1180 sppuinotify - ok 10:49:41.0684 0x1180 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 10:49:41.0700 0x1180 srv - ok 10:49:41.0716 0x1180 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:49:41.0762 0x1180 srv2 - ok 10:49:41.0794 0x1180 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:49:41.0794 0x1180 srvnet - ok 10:49:41.0840 0x1180 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:49:41.0887 0x1180 SSDPSRV - ok 10:49:41.0887 0x1180 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:49:41.0918 0x1180 SstpSvc - ok 10:49:41.0934 0x1180 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 10:49:41.0950 0x1180 stexstor - ok 10:49:42.0043 0x1180 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 10:49:42.0090 0x1180 stisvc - ok 10:49:42.0121 0x1180 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum 
C:\Windows\system32\drivers\swenum.sys 10:49:42.0137 0x1180 swenum - ok 10:49:42.0168 0x1180 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 10:49:42.0215 0x1180 swprv - ok 10:49:42.0324 0x1180 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 10:49:42.0371 0x1180 SysMain - ok 10:49:42.0418 0x1180 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 10:49:42.0464 0x1180 TabletInputService - ok 10:49:42.0480 0x1180 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 10:49:42.0527 0x1180 TapiSrv - ok 10:49:42.0558 0x1180 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 10:49:42.0589 0x1180 TBS - ok 10:49:42.0714 0x1180 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:49:42.0776 0x1180 Tcpip - ok 10:49:42.0823 0x1180 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 10:49:42.0854 0x1180 TCPIP6 - ok 10:49:42.0901 0x1180 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:49:42.0917 0x1180 tcpipreg - ok 10:49:42.0948 0x1180 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:49:42.0979 0x1180 TDPIPE - ok 10:49:43.0026 0x1180 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 
4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:49:43.0042 0x1180 TDTCP - ok 10:49:43.0088 0x1180 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:49:43.0120 0x1180 tdx - ok 10:49:43.0135 0x1180 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 10:49:43.0151 0x1180 TermDD - ok 10:49:43.0229 0x1180 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 10:49:43.0291 0x1180 TermService - ok 10:49:43.0322 0x1180 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 10:49:43.0354 0x1180 Themes - ok 10:49:43.0385 0x1180 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 10:49:43.0432 0x1180 THREADORDER - ok 10:49:43.0432 0x1180 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 10:49:43.0478 0x1180 TrkWks - ok 10:49:43.0556 0x1180 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:49:43.0588 0x1180 TrustedInstaller - ok 10:49:43.0650 0x1180 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:49:43.0681 0x1180 tssecsrv - ok 10:49:43.0728 0x1180 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:49:43.0744 0x1180 TsUsbFlt - ok 
10:49:43.0806 0x1180 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:49:43.0853 0x1180 tunnel - ok 10:49:43.0931 0x1180 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 10:49:43.0946 0x1180 uagp35 - ok 10:49:43.0962 0x1180 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:49:44.0009 0x1180 udfs - ok 10:49:44.0040 0x1180 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:49:44.0056 0x1180 UI0Detect - ok 10:49:44.0118 0x1180 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:49:44.0134 0x1180 uliagpkx - ok 10:49:44.0227 0x1180 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys 10:49:44.0258 0x1180 umbus - ok 10:49:44.0290 0x1180 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 10:49:44.0290 0x1180 UmPass - ok 10:49:44.0305 0x1180 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 10:49:44.0352 0x1180 upnphost - ok 10:49:44.0430 0x1180 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 10:49:44.0430 0x1180 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 ) 10:49:44.0430 0x1180 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning 10:49:44.0477 0x1180 [ B0435098C81D04CAFFF80DDB746CD3A2, 
A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 10:49:44.0492 0x1180 usbaudio - ok 10:49:44.0492 0x1180 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:49:44.0508 0x1180 usbccgp - ok 10:49:44.0555 0x1180 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 10:49:44.0570 0x1180 usbcir - ok 10:49:44.0586 0x1180 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 10:49:44.0617 0x1180 usbehci - ok 10:49:44.0633 0x1180 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:49:44.0648 0x1180 usbhub - ok 10:49:44.0695 0x1180 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 10:49:44.0695 0x1180 usbohci - ok 10:49:44.0695 0x1180 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 10:49:44.0758 0x1180 usbprint - ok 10:49:44.0804 0x1180 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:49:44.0820 0x1180 USBSTOR - ok 10:49:44.0836 0x1180 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 10:49:44.0836 0x1180 usbuhci - ok 10:49:44.0945 0x1180 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 10:49:44.0960 0x1180 
usbvideo - ok 10:49:45.0101 0x1180 [ 34349E7B488FA61B639117F6BF1EBF99, A7A7E60511F7D6370473D41867F5323695308CC27D3EEB0286687D3A9E0084E9 ] USER_ESRV_SVC C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe 10:49:45.0116 0x1180 USER_ESRV_SVC - ok 10:49:45.0163 0x1180 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 10:49:45.0210 0x1180 UxSms - ok 10:49:45.0226 0x1180 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe 10:49:45.0241 0x1180 VaultSvc - ok 10:49:45.0288 0x1180 [ 2B76946699F79704F243ACBF08BD3856, A90147C280427AFA61C9C9D93D1761B8BA83BF8A15D71B48047B95756BF3E74D ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe 10:49:45.0288 0x1180 VCService - ok 10:49:45.0366 0x1180 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:49:45.0413 0x1180 vdrvroot - ok 10:49:45.0460 0x1180 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 10:49:45.0522 0x1180 vds - ok 10:49:45.0538 0x1180 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:49:45.0553 0x1180 vga - ok 10:49:45.0584 0x1180 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 10:49:45.0616 0x1180 VgaSave - ok 10:49:45.0647 0x1180 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 10:49:45.0662 0x1180 vhdmp - ok 10:49:45.0694 0x1180 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide 
C:\Windows\system32\drivers\viaide.sys 10:49:45.0709 0x1180 viaide - ok 10:49:45.0787 0x1180 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:49:45.0803 0x1180 volmgr - ok 10:49:45.0896 0x1180 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:49:45.0928 0x1180 volmgrx - ok 10:49:45.0974 0x1180 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:49:45.0990 0x1180 volsnap - ok 10:49:46.0021 0x1180 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 10:49:46.0037 0x1180 vsmraid - ok 10:49:46.0224 0x1180 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 10:49:46.0286 0x1180 VSS - ok 10:49:46.0489 0x1180 [ 24D6F6D7AE866A6875965EFE9D8EE3F3, 344DFC1BFA1026B2AC3C883F5DAA78EB142299B717035444CE0DD8A548BEF10C ] VUAgent C:\Program Files\Sony\VAIO Update\vuagent.exe 10:49:46.0536 0x1180 VUAgent - ok 10:49:46.0552 0x1180 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 10:49:46.0583 0x1180 vwifibus - ok 10:49:46.0614 0x1180 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:49:46.0630 0x1180 vwififlt - ok 10:49:46.0708 0x1180 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 10:49:46.0708 0x1180 vwifimp - ok 10:49:46.0801 0x1180 [ 1C9D80CC3849B3788048078C26486E1A, 
34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 10:49:46.0848 0x1180 W32Time - ok 10:49:46.0879 0x1180 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 10:49:46.0879 0x1180 WacomPen - ok 10:49:46.0942 0x1180 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:49:46.0988 0x1180 WANARP - ok 10:49:47.0004 0x1180 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:49:47.0035 0x1180 Wanarpv6 - ok 10:49:47.0144 0x1180 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 10:49:47.0207 0x1180 wbengine - ok 10:49:47.0269 0x1180 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:49:47.0300 0x1180 WbioSrvc - ok 10:49:47.0410 0x1180 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:49:47.0456 0x1180 wcncsvc - ok 10:49:47.0472 0x1180 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:49:47.0488 0x1180 WcsPlugInService - ok 10:49:47.0534 0x1180 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 10:49:47.0534 0x1180 Wd - ok 10:49:47.0612 0x1180 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:49:47.0644 0x1180 Wdf01000 - ok 10:49:47.0690 
0x1180 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:49:47.0737 0x1180 WdiServiceHost - ok 10:49:47.0753 0x1180 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:49:47.0784 0x1180 WdiSystemHost - ok 10:49:47.0831 0x1180 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 10:49:47.0846 0x1180 WebClient - ok 10:49:47.0878 0x1180 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 10:49:47.0909 0x1180 Wecsvc - ok 10:49:47.0924 0x1180 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:49:47.0940 0x1180 wercplsupport - ok 10:49:47.0971 0x1180 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:49:48.0002 0x1180 WerSvc - ok 10:49:48.0002 0x1180 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:49:48.0034 0x1180 WfpLwf - ok 10:49:48.0049 0x1180 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:49:48.0049 0x1180 WIMMount - ok 10:49:48.0143 0x1180 WinDefend - ok 10:49:48.0174 0x1180 WinHttpAutoProxySvc - ok 10:49:48.0314 0x1180 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:49:48.0392 0x1180 Winmgmt - ok 10:49:48.0470 0x1180 [ D929ABD465A2DED963DA8B30946A8D5C, 
DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 10:49:48.0533 0x1180 WinRM - ok 10:49:48.0580 0x1180 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:49:48.0595 0x1180 WinUsb - ok 10:49:48.0658 0x1180 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:49:48.0704 0x1180 Wlansvc - ok 10:49:48.0751 0x1180 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 10:49:48.0798 0x1180 WmiAcpi - ok 10:49:48.0829 0x1180 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:49:48.0860 0x1180 wmiApSrv - ok 10:49:48.0892 0x1180 WMPNetworkSvc - ok 10:49:48.0907 0x1180 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:49:48.0923 0x1180 WPCSvc - ok 10:49:48.0970 0x1180 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:49:48.0985 0x1180 WPDBusEnum - ok 10:49:49.0001 0x1180 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:49:49.0032 0x1180 ws2ifsl - ok 10:49:49.0032 0x1180 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 10:49:49.0063 0x1180 wscsvc - ok 10:49:49.0063 0x1180 WSearch - ok 10:49:49.0172 0x1180 [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll 
10:49:49.0250 0x1180 wuauserv - ok 10:49:49.0297 0x1180 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:49:49.0328 0x1180 WudfPf - ok 10:49:49.0391 0x1180 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:49:49.0406 0x1180 WUDFRd - ok 10:49:49.0422 0x1180 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:49:49.0453 0x1180 wudfsvc - ok 10:49:49.0500 0x1180 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 10:49:49.0531 0x1180 WwanSvc - ok 10:49:49.0562 0x1180 ================ Scan global =============================== 10:49:49.0594 0x1180 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 10:49:49.0625 0x1180 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll 10:49:49.0656 0x1180 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll 10:49:49.0687 0x1180 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:49:49.0750 0x1180 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 10:49:49.0765 0x1180 [ Global ] - ok 10:49:49.0765 0x1180 ================ Scan MBR ================================== 10:49:49.0765 0x1180 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:49:50.0015 0x1180 \Device\Harddisk0\DR0 - ok 10:49:50.0015 0x1180 ================ Scan VBR 
================================== 10:49:50.0015 0x1180 [ 29063DD5C662E2ED13D9E50E55995720 ] \Device\Harddisk0\DR0\Partition1 10:49:50.0030 0x1180 \Device\Harddisk0\DR0\Partition1 - ok 10:49:50.0030 0x1180 [ 67F0AB30BC10412AAA329E11E9613D90 ] \Device\Harddisk0\DR0\Partition2 10:49:50.0030 0x1180 \Device\Harddisk0\DR0\Partition2 - ok 10:49:50.0030 0x1180 ================ Scan generic autorun ====================== 10:49:50.0046 0x1180 Apoint - ok 10:49:50.0093 0x1180 [ F3D6BB4A1438BA85CFA53037BB46A17F, A85052121EC3788849F4C8FEB10DB10FB65C00C0CC841E1B58C56F2F8F413E5B ] C:\Windows\system32\igfxtray.exe 10:49:50.0108 0x1180 IgfxTray - ok 10:49:50.0124 0x1180 [ 6AC7F2CCB2BE55670CD907507D8B9F11, 12E53954A898F5A42ECA6B6476655751D6135D596BBB55BB3FFF8D4D0C64BC14 ] C:\Windows\system32\hkcmd.exe 10:49:50.0140 0x1180 HotKeysCmds - ok 10:49:50.0155 0x1180 [ BDEDDD060A654205F155C94D7DECD936, 96FF8637582F00AC9CCE20126249459081E26E9E99C20EBDE261E045907EBA52 ] C:\Windows\system32\igfxpers.exe 10:49:50.0171 0x1180 Persistence - ok 10:49:50.0264 0x1180 [ B055BE4B6D723FBB68D1FC4611C7D332, 2B32189994CF8AB54C9F8575CED866138C1CC26F2FECE78F3E6B5C63EBF2AB14 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe 10:49:50.0311 0x1180 AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 ) 10:49:50.0311 0x1180 AtherosBtStack ( UnsignedFile.Multi.Generic ) - warning 10:49:50.0342 0x1180 [ 6144904300988F59D6775C0A7D200C16, 223247E5718580482D5E5EBDD74938B32C13D12584BEF9C2E9A4173C52CEC2C1 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe 10:49:50.0358 0x1180 AthBtTray - detected UnsignedFile.Multi.Generic ( 1 ) 10:49:50.0358 0x1180 AthBtTray ( UnsignedFile.Multi.Generic ) - warning 10:49:50.0358 0x1180 Force sending object to P2P due to detect: C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe 10:49:50.0358 0x1180 Object send P2P result: false 10:49:50.0420 0x1180 [ 7D1B808410A734E427A229B31EAE8891, 36BB31B9119062A53D2AB6CCBFF820D8195776836D84AF7008CE1F18D2519009 ] C:\Program 
Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe 10:49:50.0452 0x1180 cAudioFilterAgent - ok 10:49:50.0701 0x1180 [ F66203AF9C159E2CBD54DF981654F499, C28A7E3D4BB50F14D40C3AE9D1267D11015381A9615663BAAAB6C0084A72E607 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe 10:49:50.0826 0x1180 AvastUI.exe - ok 10:49:50.0935 0x1180 [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 10:49:50.0966 0x1180 IAStorIcon - ok 10:49:50.0982 0x1180 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x42000 ( disabled : updated ) 10:49:50.0982 0x1180 Win FW state via NFP2: enabled ( trusted ) 10:49:50.0982 0x1180 ============================================================ 10:49:50.0982 0x1180 Scan finished 10:49:50.0982 0x1180 ============================================================ 10:49:50.0982 0x0b18 Detected object count: 5 10:49:50.0982 0x0b18 Actual detected object count: 5 10:51:31.0290 0x0b18 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user 10:51:31.0290 0x0b18 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:51:31.0290 0x0b18 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user 10:51:31.0290 0x0b18 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:51:31.0306 0x0b18 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user 10:51:31.0306 0x0b18 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:51:31.0306 0x0b18 AtherosBtStack ( UnsignedFile.Multi.Generic ) - skipped by user 10:51:31.0306 0x0b18 AtherosBtStack ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:51:31.0306 0x0b18 AthBtTray ( UnsignedFile.Multi.Generic ) - skipped by user 10:51:31.0306 0x0b18 AthBtTray ( UnsignedFile.Multi.Generic ) - User select action: Skip |
03.10.2015, 17:55 | #9 |
/// the machine /// TB trainer | New *32 programs in Task Manager after Javaws.exe*32 virus
None of these are viruses, everything is fine.
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your protection software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
03.10.2015, 20:24 | #10 |
| New *32 programs in Task Manager after Javaws.exe*32 virus
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 03.10.2015 Suchlaufzeit: 20:39 Protokolldatei: Malware.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.10.03.04 Rootkit-Datenbank: v2015.10.02.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: sony_ Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 370191 Abgelaufene Zeit: 10 Min., 37 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.009 - Bericht erstellt am 03/10/2015 um 21:00:37 # Aktualisiert am 27/09/2015 von Xplode # Datenbank : 2015-09-30.1 [Server] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64) # Benutzername : sony_ - DANYAL # Gestartet von : C:\Users\sony_\Desktop\AdwCleaner_5.009.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** ***** [ Verknüpfungen ] ***** ***** [ Geplante Tasks ] ***** [-] Task Gelöscht : Adobe Flash Player Updater ***** [ Registrierungsdatenbank ] ***** ***** [ Internetbrowser ] ***** ************************* :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [840 Bytes] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 7 Home Premium x64
Ran by sony_ on 03.10.2015 at 21:17:03,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.10.2015 at 21:19:25,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
durchgeführt von sony_ (Administrator) auf DANYAL (03-10-2015 21:19:35)
Gestartet von C:\Users\sony_\Desktop
Geladene Profile: sony_ (Verfügbare Profile: sony_)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-09-15] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-22] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-30] (AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-15] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{080235DC-3C36-4883-BA13-C5BE4C32572B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{8117FB30-D23F-46AB-916A-AAA04E8623E9}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3702522348-1086711315-1832465872-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-15] (AVAST Software)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-15] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\sony_\AppData\Roaming\Mozilla\Firefox\Profiles\31b6azlq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Extension: Adblock Plus - C:\Users\sony_\AppData\Roaming\Mozilla\Firefox\Profiles\31b6azlq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-22]

Chrome:
=======
CHR HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-22]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [Datei ist nicht signiert]
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-15] (AVAST Software)
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2015-02-04] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-02] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-02] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-03] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-03 21:19 - 2015-10-03 21:19 - 00009666 _____ C:\Users\sony_\Desktop\FRST.txt
2015-10-03 21:19 - 2015-10-03 21:19 - 00000605 _____ C:\Users\sony_\Desktop\JRT.txt
2015-10-03 21:02 - 2015-10-03 21:02 - 00000000 ___RD C:\Users\sony_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-10-03 20:55 - 2015-10-03 20:55 - 01670656 _____ C:\Users\sony_\Desktop\AdwCleaner_5.009.exe
2015-10-03 20:52 - 2015-10-03 20:52 - 00001202 _____ C:\Users\sony_\Desktop\mbam.txt.txt
2015-10-03 20:38 - 2015-10-03 20:38 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-03 20:38 - 2015-10-03 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-10-03 20:38 - 2015-10-03 20:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-10-03 20:38 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-10-03 20:38 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-10-03 20:36 - 2015-10-03 20:36 - 01798976 _____ (Malwarebytes) C:\Users\sony_\Desktop\JRT.exe
2015-10-03 20:34 - 2015-10-03 20:34 - 02193408 _____ (Farbar) C:\Users\sony_\Desktop\FRST64.exe
2015-10-03 20:33 - 2015-10-03 20:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\sony_\Desktop\mbam-setup-2.1.8.1057.exe
2015-10-03 10:42 - 2015-10-03 10:48 - 00000000 ____D C:\ComboFix
2015-10-02 22:27 - 2015-10-02 22:33 - 00000000 ____D C:\Users\sony_\Documents\WebCam Media
2015-10-02 20:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-10-02 20:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-10-02 20:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-10-02 20:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-10-02 20:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-10-02 20:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-10-02 20:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-10-02 20:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-10-02 20:08 - 2015-10-03 10:48 - 00000000 ____D C:\Qoobox
2015-10-02 20:08 - 2015-10-02 20:08 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-02 20:08 - 2015-10-02 20:08 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-02 20:08 - 2015-08-15 21:34 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA90B.tmp
2015-10-02 20:08 - 2015-08-15 21:34 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9EB.tmp
2015-10-02 20:08 - 2015-08-15 21:34 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9FB.tmp
2015-10-02 20:08 - 2015-08-15 21:34 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9FC.tmp
2015-10-02 20:08 - 2015-08-15 21:34 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9B8.tmp
2015-10-02 20:08 - 2015-08-15 21:34 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9D9.tmp
2015-10-02 20:08 - 2015-08-15 21:34 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9DA.tmp
2015-10-02 20:08 - 2015-08-15 21:34 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9C8.tmp
2015-10-02 20:07 - 2015-10-02 20:13 - 00000000 ____D C:\Windows\erdnt
2015-10-02 20:06 - 2015-10-02 20:06 - 05636125 ____R (Swearware) C:\Users\sony_\Desktop\ComboFix.exe
2015-10-01 18:51 - 2015-10-03 20:39 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-01 18:51 - 2015-10-02 23:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-01 18:50 - 2015-10-02 23:59 - 00000000 ____D C:\Users\sony_\Desktop\mbar
2015-10-01 18:50 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-10-01 18:49 - 2015-10-01 18:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\sony_\Desktop\mbar-1.09.3.1001.exe
2015-10-01 18:49 - 2015-10-01 18:49 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\sony_\Desktop\tdsskiller.exe
2015-09-30 20:27 - 2015-10-01 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-30 20:25 - 2015-10-03 21:19 - 00000000 ____D C:\FRST
2015-09-25 15:44 - 2015-10-02 21:23 - 00000000 ____D C:\Users\sony_\Desktop\Musik
2015-09-24 22:47 - 2015-09-24 22:48 - 00001137 _____ C:\Windows\SysWOW64\mwXface.log
2015-09-24 22:22 - 2015-09-24 22:22 - 00000000 ____D C:\Users\sony_\AppData\Local\VirtualStore
2015-09-24 15:25 - 2015-09-24 15:00 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-09-24 14:26 - 2015-09-24 14:26 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-24 14:26 - 2015-09-24 14:26 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-23 22:10 - 2015-09-23 22:10 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2015-09-20 13:25 - 2015-10-01 18:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-15 15:20 - 2015-09-15 15:20 - 00000000 ____D C:\Users\sony_\AppData\LocalLow\Temp
2015-09-15 15:13 - 2015-09-24 15:02 - 00000000 ____D C:\Users\sony_\AppData\Local\CrashDumps
2015-09-15 15:13 - 2015-09-15 15:13 - 00000000 ____D C:\ProgramData\HP
2015-09-15 15:11 - 2015-09-15 15:13 - 00000000 ____D C:\Program Files (x86)\HP
2015-09-15 15:09 - 2015-09-16 21:13 - 00000000 ____D C:\Users\sony_\AppData\Local\HP
2015-09-11 21:35 - 2015-09-16 21:12 - 00000000 ____D C:\Windows\system32\GWX
2015-09-08 22:22 - 2015-09-08 23:11 - 00000000 ____D C:\Users\sony_\Desktop\Handy
2015-09-05 22:27 - 2015-09-05 22:27 - 00000000 ____D C:\Users\sony_\AppData\Roaming\Sun
2015-09-05 22:27 - 2015-09-05 22:27 - 00000000 ____D C:\Users\sony_\.oracle_jre_usage
2015-09-05 14:30 - 2015-09-04 19:35 - 01221814 _____ C:\Users\sony_\Desktop\IMG_3533.mp4
2015-09-05 14:28 - 2015-09-08 22:46 - 00000000 ____D C:\Users\sony_\Desktop\Bilder
2015-09-05 13:44 - 2015-09-17 16:46 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-05 13:44 - 2015-09-05 13:50 - 00000000 ____D C:\Users\sony_\AppData\Roaming\Apple Computer
2015-09-05 13:44 - 2015-09-05 13:44 - 00000000 ____D C:\Users\sony_\AppData\Local\Apple Computer
2015-09-05 13:43 - 2015-09-19 23:56 - 00000000 ____D C:\ProgramData\Apple
2015-09-05 13:43 - 2015-09-05 13:43 - 00000000 ____D C:\Users\sony_\AppData\Local\Apple

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-03 21:17 - 2015-07-18 17:59 - 01145466 _____ C:\Windows\WindowsUpdate.log
2015-10-03 21:17 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-03 21:17 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-03 21:02 - 2015-07-18 20:39 - 00155666 _____ C:\Windows\PFRO.log
2015-10-03 21:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-03 21:02 - 2009-07-14 06:51 - 00028572 _____ C:\Windows\setupact.log
2015-10-03 21:00 - 2015-07-24 00:20 - 00000000 ____D C:\AdwCleaner
2015-10-03 17:18 - 2015-07-22 16:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-03 10:47 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-10-02 22:31 - 2015-07-18 18:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-02 22:27 - 2015-07-20 15:22 - 00000000 ___HD C:\ProgramData\ArcSoft
2015-10-02 22:27 - 2015-07-20 15:22 - 00000000 ____D C:\Users\sony_\AppData\Roaming\ArcSoft
2015-10-02 20:14 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-10-02 20:08 - 2015-07-22 16:00 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-10-02 20:08 - 2015-07-22 16:00 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-10-02 20:08 - 2015-07-22 16:00 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-02 20:08 - 2015-07-22 16:00 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-02 20:08 - 2015-07-22 16:00 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-02 20:08 - 2015-07-22 16:00 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-02 20:08 - 2015-07-22 16:00 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-02 20:08 - 2015-07-22 16:00 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-01 18:31 - 2015-07-22 16:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-23 22:35 - 2003-02-02 05:00 - 01308672 _____ C:\Users\sony_\Desktop\zoek.exe
2015-09-23 22:12 - 2015-07-22 16:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-23 22:12 - 2015-07-22 16:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-23 22:10 - 2015-07-18 18:36 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2015-09-23 22:10 - 2015-07-18 18:27 - 00000000 ____D C:\ProgramData\Sony Corporation
2015-09-20 13:27 - 2009-07-14 19:58 - 00696370 _____ C:\Windows\system32\perfh007.dat
2015-09-20 13:27 - 2009-07-14 19:58 - 00147634 _____ C:\Windows\system32\perfc007.dat
2015-09-20 13:27 - 2009-07-14 07:13 - 01611160 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-20 00:02 - 2015-07-22 16:02 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-09-19 23:58 - 2015-07-18 18:00 - 00000000 ____D C:\Users\sony_
2015-09-19 23:57 - 2015-07-18 22:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-19 23:57 - 2015-07-18 22:43 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-19 23:57 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew
2015-09-19 23:57 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-19 23:56 - 2015-07-22 16:34 - 00000000 ____D C:\ProgramData\Atheros
2015-09-19 23:56 - 2015-07-22 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-09-19 23:56 - 2015-07-22 15:49 - 00000000 ____D C:\ProgramData\Intel
2015-09-19 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-09-19 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-09-19 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-09-19 23:51 - 2015-07-22 16:50 - 00000000 ____D C:\ProgramData\Oracle
2015-09-19 23:18 - 2015-07-18 21:45 - 00000000 ____D C:\Users\sony_\Documents\Bluetooth Folder
2015-09-16 21:39 - 2015-08-30 14:16 - 00000000 ____D C:\Users\sony_\Desktop\BMW E36
2015-09-11 21:31 - 2015-07-18 22:40 - 00000000 ____D C:\Windows\system32\MRT
2015-09-05 14:43 - 2015-08-30 14:14 - 00000000 ____D C:\Users\sony_\Desktop\Mercedes Benz E200
2015-09-05 13:52 - 2015-07-18 17:59 - 01722627 _____ C:\Windows\WindowsUpdate(130).log

Einige Dateien in TEMP:
====================
C:\Users\sony_\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-08-04 16:53

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:03-10-2015
durchgeführt von sony_ (2015-10-03 21:20:06)
Gestartet von C:\Users\sony_\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-07-18 16:00:31)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3702522348-1086711315-1832465872-500 - Administrator - Disabled)
Gast (S-1-5-21-3702522348-1086711315-1832465872-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3702522348-1086711315-1832465872-1002 - Limited - Enabled)
sony_ (S-1-5-21-3702522348-1086711315-1832465872-1000 - Administrator - Enabled) => C:\Users\sony_

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 41.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 de)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
VAIO Care (HKLM\...\{934ACD4F-3E96-4B2A-96A8-158A5E057288}) (Version: 8.4.3.07161 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

17-09-2015 16:54:02 avast! antivirus system restore point
19-09-2015 23:47:19 Wiederherstellungsvorgang
19-09-2015 23:59:13 avast! antivirus system restore point
23-09-2015 22:10:02 Entfernt VAIO Update
23-09-2015 22:10:36 Installiert VAIO Update
23-09-2015 22:12:25 Removed Java 8 Update 51
23-09-2015 22:37:43 zoek.exe restore point
23-09-2015 23:18:37 Removed Apple Application Support (64-Bit)
23-09-2015 23:20:53 Removed Apple Software Update
23-09-2015 23:21:55 Removed Bonjour
23-09-2015 23:22:19 Removed Apple Application Support (64-Bit)
02-10-2015 20:07:21 avast! antivirus system restore point
02-10-2015 22:30:59 Installiert WebCam Companion
03-10-2015 21:05:42 JRT Pre-Junkware Removal
03-10-2015 21:09:30 JRT Pre-Junkware Removal
03-10-2015 21:17:03 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {110DBA63-29E3-410C-A6CA-55F2CF73395D} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {147B96BD-86CF-4FA0-BED7-19083630AD34} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {19BAC51A-63CD-400E-BE38-7B179E1B5C8A} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {19C66770-2B3D-4BF1-949E-97B1FE477721} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {23538302-7D82-4161-8723-33F9D7D850E2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-02] (AVAST Software)
Task: {2EF9E6E9-E55F-4245-A4CD-1BBC9407EA7D} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2015-02-04] (Sony Corporation)
Task: {343BF8CB-EFEC-40EB-B5AC-D0851A8218B8} - System32\Tasks\{51B5A9C7-E38E-438A-885D-8AB6FF36DD5A} => pcalua.exe -a C:\Users\sony_\AppData\Local\Temp\Temp1_INAOTH-00246595-0042.zip\INAOTH-00246595-0042.EXE
Task: {53724F31-4835-4391-895E-CB2EBC0C7753} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {5CBBDEE1-7071-4C78-9D43-668A67F37BCF} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {61088920-1063-4180-94EC-5EE65E7EDC32} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {6C0859EC-04D7-4E3E-B635-110B04309DD8} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {6DF9B524-A118-4296-8C81-90DC332DE7EA} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {7705CA69-B3C6-4301-A68F-170179FC6F28} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2015-07-13] (Sony Corporation)
Task: {78FC4E19-F5C4-40CB-B6E6-67DA25E14794} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {7E550FE2-C133-410E-B742-A44A191B4C5F} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {A5EAFB32-9853-4D2C-851C-F519DCA437AB} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {B407BE6C-AAF8-4E57-94EF-D2BDA56F5FE9} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {B55BD769-FD6D-4061-858A-66C86F68B0C9} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {BD4F70B9-1B26-471A-AFF9-6880F7B9F7D3} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2015-07-13] (Sony Corporation)
Task: {C36F09CF-13CC-49EF-8232-7BC5A9B3C8F5} - System32\Tasks\{A2369A87-3B35-40D1-A888-C039116DD9E5} => pcalua.exe -a C:\Users\sony_\AppData\Local\Temp\Temp1_SODFEP-00224384-0042.zip\SODFEP-00224384-0042.EXE

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-08-15 21:34 - 2015-08-15 21:34 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-08-15 21:34 - 2015-08-15 21:34 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-10-03 17:18 - 2015-10-03 17:18 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100300\algo.dll 2015-10-03 21:03 - 2015-10-03 21:03 - 02966528 _____ () C:\Program Files\AVAST Software\Avast\defs\15100301\algo.dll 2015-07-22 16:00 - 2015-07-22 16:00 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-07-22 16:32 - 2015-07-22 16:32 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll 2015-07-22 16:29 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\sony_\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{7D29CA0F-7312-4E3E-9A67-FB45E23EDC4B}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe FirewallRules: [{63334D99-7DD7-4699-93B5-6C2B435ADA13}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe FirewallRules: [{5A4F11E0-3242-4D31-9005-A8F66FDAD6D1}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe FirewallRules: [{8EDBB27F-F9BC-4CEC-BD47-65BDFC48D291}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe FirewallRules: [{4E1D08F3-3E41-4B9D-91B8-67AEA29F29D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4001CD5D-1B21-473A-826F-7A08EEE7B02D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/03/2015 09:16:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FRST64.exe, Version 3.10.2015.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 80 Startzeit: 01d0fe0fdfa22087 Endzeit: 16 Anwendungspfad: C:\Users\sony_\Desktop\FRST64.exe Berichts-ID: Error: (09/25/2015 03:28:00 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (09/24/2015 11:12:10 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (09/24/2015 03:02:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DaS_21.exe, Version: 2.1.0.4, Zeitstempel: 0x540c90b2 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556366fd Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000b3dd ID des fehlerhaften Prozesses: 0xb34 Startzeit der fehlerhaften Anwendung: 0xDaS_21.exe0 Pfad der fehlerhaften Anwendung: DaS_21.exe1 Pfad des fehlerhaften Moduls: DaS_21.exe2 Berichtskennung: DaS_21.exe3 Error: (09/24/2015 03:02:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DaS_21.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.ArgumentOutOfRangeException Stapel: bei System.String.InternalSubStringWithChecks(Int32, Int32, Boolean) bei DriverAndServicesOut.GetProcess.GetPathName(System.String) bei DriverAndServicesOut.GetProcess.GetAllServices(System.String) bei DriverAndServicesOut.Program.Main(System.String[]) Error: (09/24/2015 02:32:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DaS_21.exe, Version: 2.1.0.4, Zeitstempel: 0x540c90b2 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556366fd Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000b3dd ID des fehlerhaften Prozesses: 0x13f0 Startzeit der fehlerhaften Anwendung: 0xDaS_21.exe0 Pfad der fehlerhaften Anwendung: DaS_21.exe1 Pfad des fehlerhaften Moduls: DaS_21.exe2 Berichtskennung: DaS_21.exe3 Error: (09/24/2015 02:32:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DaS_21.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.ArgumentOutOfRangeException Stapel: bei System.String.InternalSubStringWithChecks(Int32, Int32, Boolean) bei DriverAndServicesOut.GetProcess.GetPathName(System.String) bei DriverAndServicesOut.GetProcess.GetAllServices(System.String) bei DriverAndServicesOut.Program.Main(System.String[]) Error: (09/23/2015 10:38:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DaS_21.exe, Version: 2.1.0.4, Zeitstempel: 0x540c90b2 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18869, Zeitstempel: 0x556366fd Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000b3dd ID des fehlerhaften Prozesses: 0x708 Startzeit der fehlerhaften Anwendung: 0xDaS_21.exe0 Pfad der fehlerhaften Anwendung: DaS_21.exe1 Pfad des fehlerhaften Moduls: DaS_21.exe2 Berichtskennung: DaS_21.exe3 Error: (09/23/2015 10:38:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: DaS_21.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.ArgumentOutOfRangeException Stapel: bei System.String.InternalSubStringWithChecks(Int32, Int32, Boolean) bei DriverAndServicesOut.GetProcess.GetPathName(System.String) bei DriverAndServicesOut.GetProcess.GetAllServices(System.String) bei DriverAndServicesOut.Program.Main(System.String[]) Error: (09/23/2015 10:35:17 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Systemfehler: ============= Error: (10/03/2015 09:17:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. 
Error: (10/03/2015 09:17:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error: (10/03/2015 09:17:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert. Error: (10/03/2015 09:17:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error: (10/03/2015 09:10:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/03/2015 09:10:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Erkennung interaktiver Dienste" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/03/2015 09:10:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/03/2015 09:10:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "VUAgent" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert. Error: (10/03/2015 09:10:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/03/2015 09:10:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz Prozentuale Nutzung des RAM: 23% Installierter physikalischer RAM: 8139.86 MB Verfügbarer physikalischer RAM: 6257.66 MB Summe virtueller Speicher: 16277.93 MB Verfügbarer virtueller Speicher: 14098.34 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:297.99 GB) (Free:250.72 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2FB00DA5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
04.10.2015, 07:32 | #11 |
/// the machine /// TB Trainer | New *32 programs in Task Manager after Javaws.exe*32 virus There's nothing much on the machine. Let's run one more online scan. ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
04.10.2015, 22:12 | #12 |
| New *32 programs in Task Manager after Javaws.exe*32 virus
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=702a07fcc0d808439033d0f859f010e9
# end=init
# utc_time=2015-10-04 08:09:33
# local_time=2015-10-04 10:09:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26075
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=702a07fcc0d808439033d0f859f010e9
# end=updated
# utc_time=2015-10-04 08:29:55
# local_time=2015-10-04 10:29:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=702a07fcc0d808439033d0f859f010e9
# engine=26075
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-04 09:03:20
# local_time=2015-10-04 11:03:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 88 183305 6418962 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 1244364 195622450 0 0
# scanned=145918
# found=0
# cleaned=0
# scan_time=2005
Code:
ATTFilter
Results of screen317's Security Check version 1.008
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 19.0.0.185
Mozilla Firefox (41.0.1)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015 durchgeführt von sony_ (Administrator) auf DANYAL (04-10-2015 23:11:21) Gestartet von C:\Users\sony_\Desktop Geladene Profile: sony_ (Verfügbare Profile: sony_) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Alps Electric Co., Ltd.) 
C:\Program Files\Apoint\ApntEx.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe () C:\Program Files\Sony\VAIO Care\listener.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-09-15] (Alps Electric Co., Ltd.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-22] (Conexant Systems, Inc.) 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-30] (AVAST Software) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-15] (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{080235DC-3C36-4883-BA13-C5BE4C32572B}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{8117FB30-D23F-46AB-916A-AAA04E8623E9}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3702522348-1086711315-1832465872-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-15] (AVAST Software) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.) BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-15] (AVAST Software) FireFox: ======== FF ProfilePath: C:\Users\sony_\AppData\Roaming\Mozilla\Firefox\Profiles\31b6azlq.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-23] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-23] () FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.) 
FF Extension: Adblock Plus - C:\Users\sony_\AppData\Roaming\Mozilla\Firefox\Profiles\31b6azlq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-23] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-22] Chrome: ======= CHR HKU\S-1-5-21-3702522348-1086711315-1832465872-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-22] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-22] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [Datei ist nicht signiert] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [Datei ist nicht signiert] R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-15] (AVAST Software) R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation) S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2015-02-04] (Intel Corporation) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2015-02-04] (Intel Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-02] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-02] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-02] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-02] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-02] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-02] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-02] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-02] (AVAST Software) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-10-03] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-08-01] () S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-04 23:11 - 2015-10-04 23:11 - 00000000 ____D C:\Users\sony_\Desktop\FRST-OlderVersion 2015-10-04 22:02 - 2015-10-04 22:02 - 02870984 _____ (ESET) C:\Users\sony_\Desktop\esetsmartinstaller_deu.exe 2015-10-04 22:02 - 2015-10-04 22:02 - 00852704 _____ C:\Users\sony_\Desktop\SecurityCheck.exe 2015-10-04 20:17 - 2015-10-04 20:22 - 10126572 _____ C:\Users\sony_\Desktop\bilder.zip 2015-10-04 19:06 - 2015-10-04 19:06 - 00000000 ___RD C:\Users\sony_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2015-10-03 22:20 - 2015-10-03 22:20 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk 2015-10-03 22:19 - 2015-10-03 22:20 - 00000000 ____D C:\Program Files (x86)\Sony 2015-10-03 21:26 - 2015-10-03 21:26 - 00000000 ____D C:\Users\sony_\Desktop\zu verkaufen 2015-10-03 21:20 - 2015-10-03 21:20 - 00024144 _____ C:\Users\sony_\Desktop\Addition.txt 2015-10-03 21:19 - 2015-10-04 23:11 - 00011546 _____ C:\Users\sony_\Desktop\FRST.txt 2015-10-03 21:19 - 2015-10-03 21:19 - 00000605 _____ C:\Users\sony_\Desktop\JRT.txt 2015-10-03 20:55 - 2015-10-03 20:55 - 01670656 _____ C:\Users\sony_\Desktop\AdwCleaner_5.009.exe 2015-10-03 20:52 - 2015-10-03 20:52 - 00001202 _____ C:\Users\sony_\Desktop\mbam.txt.txt 2015-10-03 20:38 - 2015-10-03 20:38 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-10-03 20:38 - 2015-10-03 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-10-03 20:38 - 2015-10-03 20:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-10-03 20:38 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-10-03 20:38 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-10-03 20:36 - 2015-10-03 20:36 - 01798976 _____ (Malwarebytes) C:\Users\sony_\Desktop\JRT.exe 2015-10-03 20:34 - 2015-10-04 23:11 - 02193920 _____ 
(Farbar) C:\Users\sony_\Desktop\FRST64.exe 2015-10-03 20:33 - 2015-10-03 20:34 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\sony_\Desktop\mbam-setup-2.1.8.1057.exe 2015-10-03 10:42 - 2015-10-03 10:48 - 00000000 ____D C:\ComboFix 2015-10-02 22:27 - 2015-10-02 22:33 - 00000000 ____D C:\Users\sony_\Documents\WebCam Media 2015-10-02 20:09 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-10-02 20:09 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-10-02 20:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-10-02 20:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-10-02 20:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-10-02 20:09 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-10-02 20:09 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-10-02 20:09 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-10-02 20:08 - 2015-10-03 10:48 - 00000000 ____D C:\Qoobox 2015-10-02 20:08 - 2015-10-02 20:08 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-10-02 20:08 - 2015-10-02 20:08 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-10-02 20:08 - 2015-08-15 21:34 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA90B.tmp 2015-10-02 20:08 - 2015-08-15 21:34 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9EB.tmp 2015-10-02 20:08 - 2015-08-15 21:34 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9FB.tmp 2015-10-02 20:08 - 2015-08-15 21:34 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9FC.tmp 2015-10-02 20:08 - 2015-08-15 21:34 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9B8.tmp 2015-10-02 20:08 - 2015-08-15 21:34 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9D9.tmp 2015-10-02 20:08 - 2015-08-15 21:34 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9DA.tmp 2015-10-02 20:08 - 
2015-08-15 21:34 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA9C8.tmp 2015-10-02 20:07 - 2015-10-02 20:13 - 00000000 ____D C:\Windows\erdnt 2015-10-02 20:06 - 2015-10-02 20:06 - 05636125 ____R (Swearware) C:\Users\sony_\Desktop\ComboFix.exe 2015-10-01 18:51 - 2015-10-03 22:57 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-10-01 18:51 - 2015-10-02 23:59 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-10-01 18:50 - 2015-10-02 23:59 - 00000000 ____D C:\Users\sony_\Desktop\mbar 2015-10-01 18:50 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-10-01 18:49 - 2015-10-01 18:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\sony_\Desktop\mbar-1.09.3.1001.exe 2015-10-01 18:49 - 2015-10-01 18:49 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\sony_\Desktop\tdsskiller.exe 2015-09-30 20:27 - 2015-10-01 18:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-09-30 20:25 - 2015-10-04 23:11 - 00000000 ____D C:\FRST 2015-09-25 15:44 - 2015-10-02 21:23 - 00000000 ____D C:\Users\sony_\Desktop\Musik 2015-09-24 22:47 - 2015-09-24 22:48 - 00001137 _____ C:\Windows\SysWOW64\mwXface.log 2015-09-24 22:22 - 2015-09-24 22:22 - 00000000 ____D C:\Users\sony_\AppData\Local\VirtualStore 2015-09-24 15:25 - 2015-09-24 15:00 - 00024064 _____ C:\Windows\zoek-delete.exe 2015-09-24 14:26 - 2015-09-24 14:26 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-09-24 14:26 - 2015-09-24 14:26 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-09-23 22:10 - 2015-09-23 22:10 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk 2015-09-20 13:25 - 2015-10-01 18:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-15 15:20 - 2015-09-15 15:20 - 00000000 ____D C:\Users\sony_\AppData\LocalLow\Temp 2015-09-15 15:13 - 2015-09-24 15:02 - 00000000 ____D 
C:\Users\sony_\AppData\Local\CrashDumps 2015-09-15 15:13 - 2015-09-15 15:13 - 00000000 ____D C:\ProgramData\HP 2015-09-15 15:11 - 2015-09-15 15:13 - 00000000 ____D C:\Program Files (x86)\HP 2015-09-15 15:09 - 2015-09-16 21:13 - 00000000 ____D C:\Users\sony_\AppData\Local\HP 2015-09-11 21:35 - 2015-09-16 21:12 - 00000000 ____D C:\Windows\system32\GWX 2015-09-08 22:22 - 2015-09-08 23:11 - 00000000 ____D C:\Users\sony_\Desktop\Handy 2015-09-05 22:27 - 2015-09-05 22:27 - 00000000 ____D C:\Users\sony_\AppData\Roaming\Sun 2015-09-05 22:27 - 2015-09-05 22:27 - 00000000 ____D C:\Users\sony_\.oracle_jre_usage 2015-09-05 14:30 - 2015-09-04 19:35 - 01221814 _____ C:\Users\sony_\Desktop\IMG_3533.mp4 2015-09-05 14:28 - 2015-09-08 22:46 - 00000000 ____D C:\Users\sony_\Desktop\Bilder 2015-09-05 13:44 - 2015-09-17 16:46 - 00000000 ____D C:\ProgramData\Apple Computer 2015-09-05 13:44 - 2015-09-05 13:50 - 00000000 ____D C:\Users\sony_\AppData\Roaming\Apple Computer 2015-09-05 13:44 - 2015-09-05 13:44 - 00000000 ____D C:\Users\sony_\AppData\Local\Apple Computer 2015-09-05 13:43 - 2015-09-19 23:56 - 00000000 ____D C:\ProgramData\Apple 2015-09-05 13:43 - 2015-09-05 13:43 - 00000000 ____D C:\Users\sony_\AppData\Local\Apple ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-10-04 19:59 - 2015-07-18 17:59 - 01182461 _____ C:\Windows\WindowsUpdate.log 2015-10-04 19:14 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-04 19:14 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-04 19:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-04 19:05 - 2009-07-14 06:51 - 00028740 _____ C:\Windows\setupact.log 2015-10-03 22:20 - 2015-07-18 18:27 - 00000000 ____D C:\ProgramData\Sony Corporation 2015-10-03 22:20 - 2015-07-18 18:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-10-03 22:18 - 2015-07-18 21:44 - 00000021 _____ C:\Windows\Model.txt 2015-10-03 22:18 - 2015-07-18 21:44 - 00000000 _____ C:\Windows\Model.log 2015-10-03 22:13 - 2015-07-18 21:12 - 00010708 _____ C:\Windows\DPINST.LOG 2015-10-03 21:02 - 2015-07-18 20:39 - 00155666 _____ C:\Windows\PFRO.log 2015-10-03 21:00 - 2015-07-24 00:20 - 00000000 ____D C:\AdwCleaner 2015-10-03 17:18 - 2015-07-22 16:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-10-03 10:47 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-10-02 22:27 - 2015-07-20 15:22 - 00000000 ___HD C:\ProgramData\ArcSoft 2015-10-02 22:27 - 2015-07-20 15:22 - 00000000 ____D C:\Users\sony_\AppData\Roaming\ArcSoft 2015-10-02 20:14 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-10-02 20:08 - 2015-07-22 16:00 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2015-10-02 20:08 - 2015-07-22 16:00 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-10-02 20:08 - 2015-07-22 16:00 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-10-02 20:08 - 2015-07-22 16:00 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2015-10-02 20:08 - 2015-07-22 16:00 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2015-10-02 20:08 - 2015-07-22 16:00 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-10-02 20:08 - 2015-07-22 16:00 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-10-02 20:08 - 2015-07-22 16:00 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-10-01 18:31 - 2015-07-22 16:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-23 22:35 - 2003-02-02 05:00 - 01308672 _____ C:\Users\sony_\Desktop\zoek.exe 2015-09-23 22:12 - 2015-07-22 16:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-23 22:12 - 2015-07-22 16:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-23 22:10 - 2015-07-18 18:36 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation 2015-09-20 13:27 - 2009-07-14 19:58 - 00696370 _____ C:\Windows\system32\perfh007.dat 2015-09-20 13:27 - 2009-07-14 19:58 - 00147634 _____ C:\Windows\system32\perfc007.dat 2015-09-20 13:27 - 2009-07-14 07:13 - 01611160 _____ 
C:\Windows\system32\PerfStringBackup.INI 2015-09-20 00:02 - 2015-07-22 16:02 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-09-19 23:58 - 2015-07-18 18:00 - 00000000 ____D C:\Users\sony_ 2015-09-19 23:57 - 2015-07-18 22:43 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-09-19 23:57 - 2015-07-18 22:43 - 00000000 ____D C:\Windows\system32\appraiser 2015-09-19 23:57 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\ShellNew 2015-09-19 23:57 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media 2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing 2015-09-19 23:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-09-19 23:56 - 2015-07-22 16:34 - 00000000 ____D C:\ProgramData\Atheros 2015-09-19 23:56 - 2015-07-22 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-09-19 23:56 - 2015-07-22 15:49 - 00000000 ____D C:\ProgramData\Intel 2015-09-19 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-09-19 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2015-09-19 23:56 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-09-19 23:51 - 2015-07-22 16:50 - 00000000 ____D C:\ProgramData\Oracle 2015-09-19 23:18 - 2015-07-18 21:45 - 00000000 ____D C:\Users\sony_\Documents\Bluetooth Folder 2015-09-11 21:31 - 2015-07-18 22:40 - 00000000 ____D C:\Windows\system32\MRT 2015-09-05 13:52 - 2015-07-18 17:59 - 01722627 _____ C:\Windows\WindowsUpdate(130).log Einige Dateien in TEMP: ==================== C:\Users\sony_\AppData\Local\Temp\GLF172E.EXE C:\Users\sony_\AppData\Local\Temp\GLF1A0C.EXE C:\Users\sony_\AppData\Local\Temp\GLF2DC8.EXE C:\Users\sony_\AppData\Local\Temp\GLF4C51.EXE C:\Users\sony_\AppData\Local\Temp\GLF769C.EXE 
C:\Users\sony_\AppData\Local\Temp\GLF7C28.EXE C:\Users\sony_\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-04 16:53 ==================== Ende von FRST.txt ============================ |
05.10.2015, 18:40 | #13 |
/// the machine /// TB-Ausbilder | After javaws.exe*32 virus, new *32 programs in Task Manager
Cleanup: (the order matters here)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the tools used, the quarantine of our scanners and the Java cache, and finally deletes itself. Then restart your computer. If any programs from our cleanup are still left after that, you can safely delete them. If you like, you can say here whether you were satisfied with me and my help...and/or support the forum with a small donation.

Hardening:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at the latest version only: browser, Java, Flash Player, PDF reader. Vulnerabilities in their old versions are exploited to install malware via "drive-by" simply when visiting a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, specify on a whitelist basis which sites are allowed to run scripts.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.
Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware, first uninstall it and then remove the leftovers with Adwarecleaner .
Finally, a few general remarks: Change your important online passwords regularly, and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate, Guides and help, Trojaner-Board Facebook page
No help via PM! |