| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Internetexplorer öffnet mehrere prozesse im HintergrundWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.09.2014, 13:09
| #16 |
| /// the machine /// TB-Ausbilder    |  Internetexplorer öffnet mehrere prozesse im Hintergrund Starte TDSSkiller.exe mit Doppelklick. Vista und Win7 User mit Rechtsklick "als Administrator starten"
Als Beispiel: C:\TDSSKiller.<version_date_time>log.txt Poste den Inhalt bitte hier in deinen Thread. Frisches FRST log bitte ebenso.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.09.2014, 17:06
| #17 |
 | Internetexplorer öffnet mehrere prozesse im Hintergrund Hier der TDSSKiller
__________________Code:
ATTFilter 17:52:30.0916 0x28b4 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
17:52:34.0994 0x28b4 ============================================================
17:52:34.0994 0x28b4 Current date / time: 2014/09/01 17:52:34.0994
17:52:34.0994 0x28b4 SystemInfo:
17:52:34.0994 0x28b4
17:52:34.0994 0x28b4 OS Version: 6.1.7601 ServicePack: 1.0
17:52:34.0994 0x28b4 Product type: Workstation
17:52:34.0994 0x28b4 ComputerName: LUKAS-PC
17:52:34.0995 0x28b4 UserName: Lukas
17:52:34.0995 0x28b4 Windows directory: C:\Windows
17:52:34.0995 0x28b4 System windows directory: C:\Windows
17:52:34.0995 0x28b4 Running under WOW64
17:52:34.0995 0x28b4 Processor architecture: Intel x64
17:52:34.0995 0x28b4 Number of processors: 8
17:52:34.0995 0x28b4 Page size: 0x1000
17:52:34.0995 0x28b4 Boot type: Normal boot
17:52:34.0995 0x28b4 ============================================================
17:52:35.0479 0x28b4 KLMD registered as C:\Windows\system32\drivers\00101099.sys
17:52:35.0836 0x28b4 System UUID: {6B1A2F23-276C-A91F-D0A3-9D7F126AFD21}
17:52:36.0308 0x28b4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:52:36.0312 0x28b4 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 ( 1863.01 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:52:36.0325 0x28b4 ============================================================
17:52:36.0325 0x28b4 \Device\Harddisk0\DR0:
17:52:36.0326 0x28b4 MBR partitions:
17:52:36.0326 0x28b4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
17:52:36.0326 0x28b4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x18FFF800
17:52:36.0326 0x28b4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x190AF000, BlocksNum 0x212D6800
17:52:36.0326 0x28b4 \Device\Harddisk1\DR1:
17:52:36.0326 0x28b4 MBR partitions:
17:52:36.0326 0x28b4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
17:52:36.0326 0x28b4 ============================================================
17:52:36.0350 0x28b4 C: <-> \Device\Harddisk0\DR0\Partition2
17:52:36.0369 0x28b4 D: <-> \Device\Harddisk0\DR0\Partition3
17:52:36.0391 0x28b4 F: <-> \Device\Harddisk1\DR1\Partition1
17:52:36.0391 0x28b4 ============================================================
17:52:36.0391 0x28b4 Initialize success
17:52:36.0391 0x28b4 ============================================================
17:53:49.0793 0x3b34 ============================================================
17:53:49.0793 0x3b34 Scan started
17:53:49.0793 0x3b34 Mode: Manual; SigCheck; TDLFS;
17:53:49.0793 0x3b34 ============================================================
17:53:49.0793 0x3b34 KSN ping started
17:54:15.0651 0x3b34 KSN ping finished: true
17:54:17.0154 0x3b34 ================ Scan system memory ========================
17:54:17.0154 0x3b34 System memory - ok
17:54:17.0154 0x3b34 ================ Scan services =============================
17:54:17.0293 0x3b34 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:54:17.0472 0x3b34 1394ohci - ok
17:54:17.0501 0x3b34 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:54:17.0517 0x3b34 ACPI - ok
17:54:17.0533 0x3b34 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:54:17.0594 0x3b34 AcpiPmi - ok
17:54:17.0643 0x3b34 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:54:17.0669 0x3b34 adp94xx - ok
17:54:17.0707 0x3b34 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:54:17.0731 0x3b34 adpahci - ok
17:54:17.0745 0x3b34 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:54:17.0755 0x3b34 adpu320 - ok
17:54:17.0761 0x3b34 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:54:17.0865 0x3b34 AeLookupSvc - ok
17:54:17.0923 0x3b34 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
17:54:17.0983 0x3b34 AFD - ok
17:54:17.0988 0x3b34 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
17:54:17.0996 0x3b34 agp440 - ok
17:54:18.0006 0x3b34 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
17:54:18.0035 0x3b34 ALG - ok
17:54:18.0050 0x3b34 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
17:54:18.0059 0x3b34 aliide - ok
17:54:18.0067 0x3b34 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
17:54:18.0075 0x3b34 amdide - ok
17:54:18.0080 0x3b34 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:54:18.0092 0x3b34 AmdK8 - ok
17:54:18.0096 0x3b34 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:54:18.0123 0x3b34 AmdPPM - ok
17:54:18.0139 0x3b34 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:54:18.0149 0x3b34 amdsata - ok
17:54:18.0175 0x3b34 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:54:18.0187 0x3b34 amdsbs - ok
17:54:18.0190 0x3b34 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:54:18.0199 0x3b34 amdxata - ok
17:54:18.0214 0x3b34 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
17:54:18.0351 0x3b34 AppID - ok
17:54:18.0355 0x3b34 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:54:18.0400 0x3b34 AppIDSvc - ok
17:54:18.0406 0x3b34 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
17:54:18.0467 0x3b34 Appinfo - ok
17:54:18.0530 0x3b34 [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:54:18.0544 0x3b34 Apple Mobile Device - ok
17:54:18.0593 0x3b34 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
17:54:18.0607 0x3b34 arc - ok
17:54:18.0614 0x3b34 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:54:18.0628 0x3b34 arcsas - ok
17:54:18.0676 0x3b34 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:54:18.0697 0x3b34 aspnet_state - ok
17:54:18.0717 0x3b34 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:54:18.0768 0x3b34 AsyncMac - ok
17:54:18.0787 0x3b34 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
17:54:18.0794 0x3b34 atapi - ok
17:54:18.0818 0x3b34 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:54:18.0878 0x3b34 AudioEndpointBuilder - ok
17:54:18.0916 0x3b34 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:54:18.0944 0x3b34 AudioSrv - ok
17:54:18.0983 0x3b34 [ CDE60914D4ED81291F0CCFDB2CA311B9, 414D9BFF4E7DA17194695CB99B9E7F82C1616F4C228E6E9087208D290B9ED64D ] Avgdiska C:\Windows\system32\DRIVERS\avgdiska.sys
17:54:19.0009 0x3b34 Avgdiska - ok
17:54:19.0236 0x3b34 [ 76AB36635951D8C96B485C9F8DCE7DE1, 1F57E2D85A0E766F79DCAC2CD2BBCBFDFBF88982CC01C2399255218B3DE18164 ] AVGIDSAgent F:\AVG\AVG2014\avgidsagent.exe
17:54:19.0317 0x3b34 AVGIDSAgent - ok
17:54:19.0336 0x3b34 [ 50E7E80BB5F3E2BB0B48F3F7E17ED6B1, 4E254506E03C9DC7376D47267CC987B0D4D93C064310CC8BA6FB679542638298 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:54:19.0347 0x3b34 AVGIDSDriver - ok
17:54:19.0355 0x3b34 [ B0E4A1F342A3F8B75C4A4ADB044761C9, 208D033EE04206FEDFC99102025A53D53EF2D3FB373882776DE43D663BE9A01B ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:54:19.0364 0x3b34 AVGIDSHA - ok
17:54:19.0399 0x3b34 [ 5D115BF49AE159D4D7D1EBC640CB138F, F529FB749AB8098B657DEB4637B9B87FA2DE4806F37AC9257542B7E522BA487E ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:54:19.0409 0x3b34 Avgldx64 - ok
17:54:19.0454 0x3b34 [ 197F28711B4B71E6575E5298CCEDC737, 16B7A9E59CA5EF8241029E16408CC1DD77004B195C9FE0677DE35A723FCA3DB4 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
17:54:19.0466 0x3b34 Avgloga - ok
17:54:19.0492 0x3b34 [ D9CED15E158573DE1BB67330C4206763, 6EEA9932318434448E167600A10FCD4C9DC8225A958708484E3A6EC5EF570012 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:54:19.0501 0x3b34 Avgmfx64 - ok
17:54:19.0522 0x3b34 [ C4F9056928B26BCAF15872E46B29184F, 0A1574937D120B8872947C4C68F1706BB9713B0D00AD62BE8082499C944114BA ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:54:19.0529 0x3b34 Avgrkx64 - ok
17:54:19.0544 0x3b34 [ 0971913995F5FAFD711B0B2426A175E9, 1009E628997B56697BA976E376A9E9D39082E7057D6EFF37D57FDCA2057B9498 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:54:19.0555 0x3b34 Avgtdia - ok
17:54:19.0559 0x3b34 [ 68430AD3FB0FADBFA5D1677617D1E1F5, CF732DD21B472653AB0A4063455F2E7608F3075C255B9882D18CB52026B6C972 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
17:54:19.0566 0x3b34 avgtp - ok
17:54:19.0589 0x3b34 [ 5A63285CC0D3323D720E0C518FE74CA3, D990A75CC5FAC5B68DA8515A519D2B5F6312E546E31D54E36CB98271C1B308F3 ] avgwd F:\AVG\AVG2014\avgwdsvc.exe
17:54:19.0601 0x3b34 avgwd - ok
17:54:19.0638 0x3b34 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
17:54:19.0651 0x3b34 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
17:54:22.0084 0x3b34 Detect skipped due to KSN trusted
17:54:22.0084 0x3b34 AVM WLAN Connection Service - ok
17:54:22.0108 0x3b34 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
17:54:22.0122 0x3b34 avmeject - ok
17:54:22.0155 0x3b34 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:54:22.0225 0x3b34 AxInstSV - ok
17:54:22.0273 0x3b34 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:54:22.0312 0x3b34 b06bdrv - ok
17:54:22.0335 0x3b34 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:54:22.0370 0x3b34 b57nd60a - ok
17:54:22.0390 0x3b34 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
17:54:22.0424 0x3b34 BDESVC - ok
17:54:22.0445 0x3b34 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
17:54:22.0495 0x3b34 Beep - ok
17:54:22.0547 0x3b34 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
17:54:22.0595 0x3b34 BFE - ok
17:54:22.0631 0x3b34 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
17:54:22.0772 0x3b34 BITS - ok
17:54:22.0790 0x3b34 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:54:22.0813 0x3b34 blbdrive - ok
17:54:22.0854 0x3b34 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:54:22.0867 0x3b34 Bonjour Service - ok
17:54:22.0873 0x3b34 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:54:22.0896 0x3b34 bowser - ok
17:54:22.0899 0x3b34 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:54:22.0909 0x3b34 BrFiltLo - ok
17:54:22.0912 0x3b34 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:54:22.0925 0x3b34 BrFiltUp - ok
17:54:22.0953 0x3b34 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:54:23.0015 0x3b34 BridgeMP - ok
17:54:23.0023 0x3b34 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
17:54:23.0047 0x3b34 Browser - ok
17:54:23.0069 0x3b34 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:54:23.0129 0x3b34 Brserid - ok
17:54:23.0148 0x3b34 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:54:23.0190 0x3b34 BrSerWdm - ok
17:54:23.0208 0x3b34 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:54:23.0226 0x3b34 BrUsbMdm - ok
17:54:23.0232 0x3b34 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:54:23.0247 0x3b34 BrUsbSer - ok
17:54:23.0252 0x3b34 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:54:23.0272 0x3b34 BTHMODEM - ok
17:54:23.0279 0x3b34 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
17:54:23.0303 0x3b34 bthserv - ok
17:54:23.0329 0x3b34 catchme - ok
17:54:23.0333 0x3b34 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:54:23.0374 0x3b34 cdfs - ok
17:54:23.0383 0x3b34 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:54:23.0399 0x3b34 cdrom - ok
17:54:23.0414 0x3b34 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
17:54:23.0435 0x3b34 CertPropSvc - ok
17:54:23.0447 0x3b34 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
17:54:23.0457 0x3b34 circlass - ok
17:54:23.0476 0x3b34 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
17:54:23.0489 0x3b34 CLFS - ok
17:54:23.0545 0x3b34 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:54:23.0556 0x3b34 clr_optimization_v2.0.50727_32 - ok
17:54:23.0582 0x3b34 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:54:23.0593 0x3b34 clr_optimization_v2.0.50727_64 - ok
17:54:23.0616 0x3b34 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:54:23.0659 0x3b34 clr_optimization_v4.0.30319_32 - ok
17:54:23.0695 0x3b34 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:54:23.0707 0x3b34 clr_optimization_v4.0.30319_64 - ok
17:54:23.0710 0x3b34 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:54:23.0737 0x3b34 CmBatt - ok
17:54:23.0756 0x3b34 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:54:23.0763 0x3b34 cmdide - ok
17:54:23.0788 0x3b34 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
17:54:23.0808 0x3b34 CNG - ok
17:54:23.0811 0x3b34 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:54:23.0818 0x3b34 Compbatt - ok
17:54:23.0829 0x3b34 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:54:23.0841 0x3b34 CompositeBus - ok
17:54:23.0843 0x3b34 COMSysApp - ok
17:54:23.0852 0x3b34 cpuz134 - ok
17:54:23.0871 0x3b34 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:54:23.0878 0x3b34 crcdisk - ok
17:54:23.0905 0x3b34 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:54:23.0946 0x3b34 CryptSvc - ok
17:54:23.0982 0x3b34 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:54:24.0029 0x3b34 DcomLaunch - ok
17:54:24.0054 0x3b34 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
17:54:24.0081 0x3b34 defragsvc - ok
17:54:24.0086 0x3b34 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:54:24.0108 0x3b34 DfsC - ok
17:54:24.0128 0x3b34 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:54:24.0150 0x3b34 Dhcp - ok
17:54:24.0164 0x3b34 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
17:54:24.0217 0x3b34 discache - ok
17:54:24.0241 0x3b34 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
17:54:24.0249 0x3b34 Disk - ok
17:54:24.0257 0x3b34 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:54:24.0346 0x3b34 Dnscache - ok
17:54:24.0362 0x3b34 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
17:54:24.0400 0x3b34 dot3svc - ok
17:54:24.0427 0x3b34 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
17:54:24.0480 0x3b34 DPS - ok
17:54:24.0501 0x3b34 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:54:24.0523 0x3b34 drmkaud - ok
17:54:24.0559 0x3b34 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:54:24.0570 0x3b34 dtsoftbus01 - ok
17:54:24.0602 0x3b34 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:54:24.0635 0x3b34 DXGKrnl - ok
17:54:24.0653 0x3b34 EagleX64 - ok
17:54:24.0669 0x3b34 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
17:54:24.0691 0x3b34 EapHost - ok
17:54:24.0818 0x3b34 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:54:24.0994 0x3b34 ebdrv - ok
17:54:25.0014 0x3b34 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
17:54:25.0073 0x3b34 EFS - ok
17:54:25.0112 0x3b34 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:54:25.0197 0x3b34 ehRecvr - ok
17:54:25.0211 0x3b34 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
17:54:25.0248 0x3b34 ehSched - ok
17:54:25.0282 0x3b34 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:54:25.0310 0x3b34 elxstor - ok
17:54:25.0315 0x3b34 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:54:25.0326 0x3b34 ErrDev - ok
17:54:25.0343 0x3b34 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
17:54:25.0384 0x3b34 EventSystem - ok
17:54:25.0409 0x3b34 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
17:54:25.0432 0x3b34 exfat - ok
17:54:25.0438 0x3b34 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:54:25.0466 0x3b34 fastfat - ok
17:54:25.0522 0x3b34 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
17:54:25.0581 0x3b34 Fax - ok
17:54:25.0595 0x3b34 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
17:54:25.0607 0x3b34 fdc - ok
17:54:25.0610 0x3b34 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
17:54:25.0645 0x3b34 fdPHost - ok
17:54:25.0675 0x3b34 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
17:54:25.0715 0x3b34 FDResPub - ok
17:54:25.0739 0x3b34 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:54:25.0747 0x3b34 FileInfo - ok
17:54:25.0751 0x3b34 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:54:25.0792 0x3b34 Filetrace - ok
17:54:25.0820 0x3b34 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:54:25.0828 0x3b34 flpydisk - ok
17:54:25.0853 0x3b34 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:54:25.0865 0x3b34 FltMgr - ok
17:54:25.0895 0x3b34 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
17:54:25.0980 0x3b34 FontCache - ok
17:54:25.0986 0x3b34 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:54:25.0993 0x3b34 FontCache3.0.0.0 - ok
17:54:25.0996 0x3b34 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:54:26.0003 0x3b34 FsDepends - ok
17:54:26.0013 0x3b34 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:54:26.0021 0x3b34 Fs_Rec - ok
17:54:26.0035 0x3b34 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:54:26.0046 0x3b34 fvevol - ok
17:54:26.0079 0x3b34 [ 15585492E45E2F30768B2D5B57929D99, C5E6A943C78AAFE10FD9C913324083DD4B3D2F1D998A38C8B69FDEAF22246527 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys
17:54:26.0102 0x3b34 fwlanusbn - ok
17:54:26.0116 0x3b34 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:54:26.0124 0x3b34 gagp30kx - ok
17:54:26.0127 0x3b34 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:54:26.0133 0x3b34 GEARAspiWDM - ok
17:54:26.0170 0x3b34 GGSAFERDriver - ok
17:54:26.0212 0x3b34 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
17:54:26.0274 0x3b34 gpsvc - ok
17:54:26.0306 0x3b34 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
17:54:26.0317 0x3b34 hamachi - ok
17:54:26.0476 0x3b34 [ EE54F8C7DA3C4B2D2077EA811980F6FC, A2F2CF7EFA9058D73A1908616597B7E328724D8F7BE0A7628F0118072BFB8193 ] Hamachi2Svc F:\LogMeIn Hamachi\hamachi-2.exe
17:54:26.0557 0x3b34 Hamachi2Svc - ok
17:54:26.0562 0x3b34 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:54:26.0594 0x3b34 hcw85cir - ok
17:54:26.0619 0x3b34 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:54:26.0647 0x3b34 HdAudAddService - ok
17:54:26.0668 0x3b34 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:54:26.0692 0x3b34 HDAudBus - ok
17:54:26.0711 0x3b34 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:54:26.0741 0x3b34 HidBatt - ok
17:54:26.0759 0x3b34 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:54:26.0780 0x3b34 HidBth - ok
17:54:26.0783 0x3b34 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
17:54:26.0793 0x3b34 HidIr - ok
17:54:26.0807 0x3b34 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
17:54:26.0843 0x3b34 hidserv - ok
17:54:26.0880 0x3b34 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:54:26.0907 0x3b34 HidUsb - ok
17:54:26.0954 0x3b34 [ DFD1D30D8B68D883B5858748F7E35AD2, 051C9940054558DCB96746C0425A52F5294194163946B4A2A9CAEA64CFA855A1 ] HiPatchService F:\Hi-Rez Studios\HiPatchService.exe
17:54:26.0969 0x3b34 HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
17:54:29.0426 0x3b34 Detect skipped due to KSN trusted
17:54:29.0426 0x3b34 HiPatchService - ok
17:54:29.0535 0x3b34 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:54:29.0601 0x3b34 hkmsvc - ok
17:54:29.0625 0x3b34 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:54:29.0641 0x3b34 HomeGroupListener - ok
17:54:29.0650 0x3b34 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:54:29.0663 0x3b34 HomeGroupProvider - ok
17:54:29.0710 0x3b34 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:54:29.0733 0x3b34 hpqcxs08 - ok
17:54:29.0753 0x3b34 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:54:29.0764 0x3b34 hpqddsvc - ok
17:54:29.0770 0x3b34 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:54:29.0781 0x3b34 HpSAMD - ok
17:54:29.0823 0x3b34 [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:54:29.0866 0x3b34 HPSLPSVC - ok
17:54:29.0890 0x3b34 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:54:29.0959 0x3b34 HTTP - ok
17:54:29.0964 0x3b34 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:54:29.0971 0x3b34 hwpolicy - ok
17:54:29.0984 0x3b34 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:54:29.0994 0x3b34 i8042prt - ok
17:54:30.0014 0x3b34 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:54:30.0028 0x3b34 iaStor - ok
17:54:30.0039 0x3b34 [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:54:30.0045 0x3b34 IAStorDataMgrSvc - ok
17:54:30.0066 0x3b34 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:54:30.0079 0x3b34 iaStorV - ok
17:54:30.0121 0x3b34 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:54:30.0134 0x3b34 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:54:32.0600 0x3b34 Detect skipped due to KSN trusted
17:54:32.0600 0x3b34 IDriverT - ok
17:54:32.0688 0x3b34 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:54:32.0728 0x3b34 idsvc - ok
17:54:32.0755 0x3b34 IEEtwCollectorService - ok
17:54:32.0773 0x3b34 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:54:32.0788 0x3b34 iirsp - ok
17:54:32.0841 0x3b34 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
17:54:32.0890 0x3b34 IKEEXT - ok
17:54:33.0016 0x3b34 [ 5F6A3EA5BD7CA861863A3A06CECC115C, 312B27BB6664A2DFF3B48CF9DA04511AAB281A2521A6140C7DB1613DC6562D59 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:54:33.0141 0x3b34 IntcAzAudAddService - ok
17:54:33.0189 0x3b34 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:54:33.0226 0x3b34 Intel(R) Capability Licensing Service Interface - ok
17:54:33.0247 0x3b34 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
17:54:33.0254 0x3b34 intelide - ok
17:54:33.0271 0x3b34 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:54:33.0308 0x3b34 intelppm - ok
17:54:33.0317 0x3b34 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:54:33.0360 0x3b34 IPBusEnum - ok
17:54:33.0365 0x3b34 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:54:33.0389 0x3b34 IpFilterDriver - ok
17:54:33.0410 0x3b34 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:54:33.0447 0x3b34 iphlpsvc - ok
17:54:33.0453 0x3b34 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:54:33.0463 0x3b34 IPMIDRV - ok
17:54:33.0469 0x3b34 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:54:33.0507 0x3b34 IPNAT - ok
17:54:33.0564 0x3b34 [ 0FA89CB1B99AD494CE36DD2DE717D696, 5B35B26C625306A7AD5A00FCAC46FD6D60061F1C8171352B5EF1C916A667AC92 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:54:33.0611 0x3b34 iPod Service - ok
17:54:33.0617 0x3b34 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:54:33.0650 0x3b34 IRENUM - ok
17:54:33.0675 0x3b34 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:54:33.0684 0x3b34 isapnp - ok
17:54:33.0707 0x3b34 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:54:33.0722 0x3b34 iScsiPrt - ok
17:54:33.0727 0x3b34 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
17:54:33.0736 0x3b34 iusb3hcs - ok
17:54:33.0757 0x3b34 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
17:54:33.0774 0x3b34 iusb3hub - ok
17:54:33.0804 0x3b34 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:54:33.0828 0x3b34 iusb3xhc - ok
17:54:33.0859 0x3b34 [ 16FB3C63287DC1E0061101012844F26F, D469275B6843E09B889912F8CBA41DE7C2F72001C888A990850B592B535E34F1 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:54:33.0869 0x3b34 jhi_service - ok
17:54:33.0873 0x3b34 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:54:33.0882 0x3b34 kbdclass - ok
17:54:33.0894 0x3b34 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:54:33.0921 0x3b34 kbdhid - ok
17:54:33.0925 0x3b34 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
17:54:33.0934 0x3b34 KeyIso - ok
17:54:33.0940 0x3b34 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:54:33.0949 0x3b34 KSecDD - ok
17:54:33.0957 0x3b34 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:54:33.0967 0x3b34 KSecPkg - ok
17:54:33.0971 0x3b34 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:54:33.0995 0x3b34 ksthunk - ok
17:54:34.0025 0x3b34 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
17:54:34.0063 0x3b34 KtmRm - ok
17:54:34.0097 0x3b34 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:54:34.0122 0x3b34 LanmanServer - ok
17:54:34.0140 0x3b34 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:54:34.0163 0x3b34 LanmanWorkstation - ok
17:54:34.0169 0x3b34 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:54:34.0191 0x3b34 lltdio - ok
17:54:34.0214 0x3b34 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:54:34.0266 0x3b34 lltdsvc - ok
17:54:34.0284 0x3b34 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:54:34.0316 0x3b34 lmhosts - ok
17:54:34.0338 0x3b34 [ 8D7E37CDE7393D59C46A3A61D30C6228, 328E374075B73560E9F45B07A3331BC2E032C33309011DC47B0959B8B8D0E937 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:54:34.0348 0x3b34 LMS - ok
17:54:34.0369 0x3b34 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:54:34.0377 0x3b34 LSI_FC - ok
17:54:34.0388 0x3b34 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:54:34.0397 0x3b34 LSI_SAS - ok
17:54:34.0410 0x3b34 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:54:34.0418 0x3b34 LSI_SAS2 - ok
17:54:34.0432 0x3b34 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:54:34.0441 0x3b34 LSI_SCSI - ok
17:54:34.0446 0x3b34 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
17:54:34.0480 0x3b34 luafv - ok
17:54:34.0504 0x3b34 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:54:34.0516 0x3b34 Mcx2Svc - ok
17:54:34.0530 0x3b34 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
17:54:34.0537 0x3b34 megasas - ok
17:54:34.0578 0x3b34 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:54:34.0590 0x3b34 MegaSR - ok
17:54:34.0603 0x3b34 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:54:34.0611 0x3b34 MEIx64 - ok
17:54:34.0622 0x3b34 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
17:54:34.0644 0x3b34 MMCSS - ok
17:54:34.0668 0x3b34 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
17:54:34.0690 0x3b34 Modem - ok
17:54:34.0694 0x3b34 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:54:34.0705 0x3b34 monitor - ok
17:54:34.0746 0x3b34 [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
17:54:34.0762 0x3b34 MotioninJoyXFilter - ok
17:54:34.0783 0x3b34 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:54:34.0793 0x3b34 mouclass - ok
17:54:34.0797 0x3b34 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:54:34.0808 0x3b34 mouhid - ok
17:54:34.0819 0x3b34 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:54:34.0828 0x3b34 mountmgr - ok
17:54:34.0847 0x3b34 [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:54:34.0857 0x3b34 MozillaMaintenance - ok
17:54:34.0880 0x3b34 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
17:54:34.0891 0x3b34 mpio - ok
17:54:34.0906 0x3b34 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:54:34.0931 0x3b34 mpsdrv - ok
17:54:34.0979 0x3b34 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:54:35.0020 0x3b34 MpsSvc - ok
17:54:35.0061 0x3b34 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:54:35.0091 0x3b34 MRxDAV - ok
17:54:35.0113 0x3b34 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:54:35.0140 0x3b34 mrxsmb - ok
17:54:35.0161 0x3b34 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:54:35.0174 0x3b34 mrxsmb10 - ok
17:54:35.0180 0x3b34 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:54:35.0190 0x3b34 mrxsmb20 - ok
17:54:35.0193 0x3b34 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
17:54:35.0200 0x3b34 msahci - ok
17:54:35.0214 0x3b34 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:54:35.0223 0x3b34 msdsm - ok
17:54:35.0235 0x3b34 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
17:54:35.0256 0x3b34 MSDTC - ok
17:54:35.0275 0x3b34 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:54:35.0297 0x3b34 Msfs - ok
17:54:35.0301 0x3b34 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:54:35.0331 0x3b34 mshidkmdf - ok
17:54:35.0334 0x3b34 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:54:35.0340 0x3b34 msisadrv - ok
17:54:35.0358 0x3b34 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:54:35.0395 0x3b34 MSiSCSI - ok
17:54:35.0397 0x3b34 msiserver - ok
17:54:35.0411 0x3b34 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:54:35.0432 0x3b34 MSKSSRV - ok
17:54:35.0443 0x3b34 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:54:35.0475 0x3b34 MSPCLOCK - ok
17:54:35.0490 0x3b34 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:54:35.0531 0x3b34 MSPQM - ok
17:54:35.0573 0x3b34 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:54:35.0586 0x3b34 MsRPC - ok
17:54:35.0597 0x3b34 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:54:35.0604 0x3b34 mssmbios - ok
17:54:35.0616 0x3b34 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:54:35.0637 0x3b34 MSTEE - ok
17:54:35.0652 0x3b34 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:54:35.0662 0x3b34 MTConfig - ok
17:54:35.0665 0x3b34 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
17:54:35.0673 0x3b34 Mup - ok
17:54:35.0690 0x3b34 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
17:54:35.0720 0x3b34 napagent - ok
17:54:35.0750 0x3b34 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:54:35.0781 0x3b34 NativeWifiP - ok
17:54:35.0821 0x3b34 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
17:54:35.0854 0x3b34 NDIS - ok
17:54:35.0869 0x3b34 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:54:35.0890 0x3b34 NdisCap - ok
17:54:35.0894 0x3b34 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:54:35.0914 0x3b34 NdisTapi - ok
17:54:35.0926 0x3b34 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:54:35.0947 0x3b34 Ndisuio - ok
17:54:35.0954 0x3b34 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:54:35.0992 0x3b34 NdisWan - ok
17:54:35.0996 0x3b34 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:54:36.0024 0x3b34 NDProxy - ok
17:54:36.0045 0x3b34 [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:54:36.0051 0x3b34 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:54:38.0494 0x3b34 Detect skipped due to KSN trusted
17:54:38.0495 0x3b34 Net Driver HPZ12 - ok
17:54:38.0623 0x3b34 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:54:38.0675 0x3b34 NetBIOS - ok
17:54:38.0697 0x3b34 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:54:38.0723 0x3b34 NetBT - ok
17:54:38.0728 0x3b34 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
17:54:38.0736 0x3b34 Netlogon - ok
17:54:38.0767 0x3b34 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
17:54:38.0795 0x3b34 Netman - ok
17:54:38.0812 0x3b34 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:54:38.0834 0x3b34 NetMsmqActivator - ok
17:54:38.0847 0x3b34 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:54:38.0856 0x3b34 NetPipeActivator - ok
17:54:38.0877 0x3b34 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
17:54:38.0907 0x3b34 netprofm - ok
17:54:38.0923 0x3b34 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:54:38.0932 0x3b34 NetTcpActivator - ok
17:54:38.0936 0x3b34 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:54:38.0945 0x3b34 NetTcpPortSharing - ok
17:54:38.0957 0x3b34 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:54:38.0964 0x3b34 nfrd960 - ok
17:54:38.0981 0x3b34 [ 2FF6B48563AAFC12BB8CE2B4E4D7C65F, AAA77EBD643D4EE7EF40E9388CC6F8EA9AC19E491DDE64A8D8B0CAD666B21C94 ] NitroReaderDriverReadSpool3 C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
17:54:38.0990 0x3b34 NitroReaderDriverReadSpool3 - ok
17:54:39.0010 0x3b34 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:54:39.0039 0x3b34 NlaSvc - ok
17:54:39.0045 0x3b34 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:54:39.0090 0x3b34 Npfs - ok
17:54:39.0092 0x3b34 npggsvc - ok
17:54:39.0098 0x3b34 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
17:54:39.0132 0x3b34 nsi - ok
17:54:39.0152 0x3b34 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:54:39.0174 0x3b34 nsiproxy - ok
17:54:39.0220 0x3b34 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:54:39.0275 0x3b34 Ntfs - ok
17:54:39.0279 0x3b34 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
17:54:39.0305 0x3b34 Null - ok
17:54:39.0314 0x3b34 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:54:39.0324 0x3b34 NVHDA - ok
17:54:39.0616 0x3b34 [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:54:39.0931 0x3b34 nvlddmkm - ok
17:54:40.0042 0x3b34 [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:54:40.0128 0x3b34 NvNetworkService - ok
17:54:40.0148 0x3b34 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:54:40.0158 0x3b34 nvraid - ok
17:54:40.0167 0x3b34 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:54:40.0178 0x3b34 nvstor - ok
17:54:40.0209 0x3b34 [ A0D870DCE152EE5B92A41AD927201D19, 67FB025CB380D933BF0FDD4AFE9BE4E3C1D69A59865E02A96533BBE9EC260D71 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:54:40.0216 0x3b34 NvStreamKms - ok
17:54:40.0624 0x3b34 [ E5597D09E5239C0F908948DB7057AC26, A6045D4D9D2F8007B0F75DAAABB2AD9FEB4A898E33A51ECE9A9D788D8E8F84A4 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
17:54:41.0104 0x3b34 NvStreamSvc - ok
17:54:41.0160 0x3b34 [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:54:41.0184 0x3b34 nvsvc - ok
17:54:41.0194 0x3b34 [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
17:54:41.0201 0x3b34 nvvad_WaveExtensible - ok
17:54:41.0213 0x3b34 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:54:41.0222 0x3b34 nv_agp - ok
17:54:41.0226 0x3b34 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:54:41.0251 0x3b34 ohci1394 - ok
17:54:41.0263 0x3b34 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:54:41.0289 0x3b34 p2pimsvc - ok
17:54:41.0312 0x3b34 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
17:54:41.0329 0x3b34 p2psvc - ok
17:54:41.0340 0x3b34 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
17:54:41.0351 0x3b34 Parport - ok
17:54:41.0356 0x3b34 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:54:41.0364 0x3b34 partmgr - ok
17:54:41.0381 0x3b34 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
17:54:41.0410 0x3b34 PcaSvc - ok
17:54:41.0418 0x3b34 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
17:54:41.0427 0x3b34 pci - ok
17:54:41.0431 0x3b34 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
17:54:41.0437 0x3b34 pciide - ok
17:54:41.0446 0x3b34 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:54:41.0456 0x3b34 pcmcia - ok
17:54:41.0460 0x3b34 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
17:54:41.0467 0x3b34 pcw - ok
17:54:41.0492 0x3b34 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:54:41.0525 0x3b34 PEAUTH - ok
17:54:41.0578 0x3b34 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:54:41.0609 0x3b34 PerfHost - ok
17:54:41.0666 0x3b34 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
17:54:41.0776 0x3b34 pla - ok
17:54:41.0805 0x3b34 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:54:41.0823 0x3b34 PlugPlay - ok
17:54:41.0829 0x3b34 [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:54:41.0852 0x3b34 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:54:44.0302 0x3b34 Detect skipped due to KSN trusted
17:54:44.0302 0x3b34 Pml Driver HPZ12 - ok
17:54:44.0363 0x3b34 PnkBstrA - ok
17:54:44.0377 0x3b34 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:54:44.0395 0x3b34 PNRPAutoReg - ok
17:54:44.0406 0x3b34 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:54:44.0421 0x3b34 PNRPsvc - ok
17:54:44.0444 0x3b34 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:54:44.0479 0x3b34 PolicyAgent - ok
17:54:44.0491 0x3b34 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
17:54:44.0515 0x3b34 Power - ok
17:54:44.0521 0x3b34 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:54:44.0554 0x3b34 PptpMiniport - ok
17:54:44.0557 0x3b34 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
17:54:44.0567 0x3b34 Processor - ok
17:54:44.0593 0x3b34 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
17:54:44.0622 0x3b34 ProfSvc - ok
17:54:44.0625 0x3b34 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:54:44.0633 0x3b34 ProtectedStorage - ok
17:54:44.0655 0x3b34 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:54:44.0677 0x3b34 Psched - ok
17:54:44.0727 0x3b34 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:54:44.0778 0x3b34 ql2300 - ok
17:54:44.0797 0x3b34 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:54:44.0806 0x3b34 ql40xx - ok
17:54:44.0818 0x3b34 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
17:54:44.0833 0x3b34 QWAVE - ok
17:54:44.0842 0x3b34 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:54:44.0853 0x3b34 QWAVEdrv - ok
17:54:44.0869 0x3b34 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:54:44.0909 0x3b34 RasAcd - ok
17:54:44.0914 0x3b34 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:54:44.0936 0x3b34 RasAgileVpn - ok
17:54:44.0944 0x3b34 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
17:54:44.0970 0x3b34 RasAuto - ok
17:54:44.0976 0x3b34 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:54:45.0010 0x3b34 Rasl2tp - ok
17:54:45.0038 0x3b34 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
17:54:45.0065 0x3b34 RasMan - ok
17:54:45.0070 0x3b34 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:54:45.0102 0x3b34 RasPppoe - ok
17:54:45.0124 0x3b34 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:54:45.0163 0x3b34 RasSstp - ok
17:54:45.0186 0x3b34 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:54:45.0224 0x3b34 rdbss - ok
17:54:45.0228 0x3b34 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:54:45.0249 0x3b34 rdpbus - ok
17:54:45.0252 0x3b34 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:54:45.0272 0x3b34 RDPCDD - ok
17:54:45.0276 0x3b34 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:54:45.0308 0x3b34 RDPENCDD - ok
17:54:45.0312 0x3b34 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:54:45.0366 0x3b34 RDPREFMP - ok
17:54:45.0390 0x3b34 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:54:45.0432 0x3b34 RdpVideoMiniport - ok
17:54:45.0456 0x3b34 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:54:45.0486 0x3b34 RDPWD - ok
17:54:45.0514 0x3b34 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:54:45.0526 0x3b34 rdyboost - ok
17:54:45.0533 0x3b34 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:54:45.0559 0x3b34 RemoteAccess - ok
17:54:45.0567 0x3b34 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:54:45.0592 0x3b34 RemoteRegistry - ok
17:54:45.0609 0x3b34 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:54:45.0631 0x3b34 RpcEptMapper - ok
17:54:45.0634 0x3b34 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
17:54:45.0643 0x3b34 RpcLocator - ok
17:54:45.0675 0x3b34 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
17:54:45.0702 0x3b34 RpcSs - ok
17:54:45.0719 0x3b34 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:54:45.0741 0x3b34 rspndr - ok
17:54:45.0780 0x3b34 [ 3713DACCA1025B05A6343104112708D9, 77830F361775166ED2408CFF9F0DBEDFF225895DD0FAC93F3DC5FFD8DBE0ED2B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:54:45.0799 0x3b34 RTL8167 - ok
17:54:45.0802 0x3b34 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
17:54:45.0810 0x3b34 SamSs - ok
17:54:45.0815 0x3b34 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:54:45.0823 0x3b34 sbp2port - ok
17:54:45.0840 0x3b34 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:54:45.0864 0x3b34 SCardSvr - ok
17:54:45.0886 0x3b34 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:54:45.0934 0x3b34 scfilter - ok
17:54:45.0993 0x3b34 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
17:54:46.0056 0x3b34 Schedule - ok
17:54:46.0061 0x3b34 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:54:46.0081 0x3b34 SCPolicySvc - ok
17:54:46.0099 0x3b34 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:54:46.0143 0x3b34 SDRSVC - ok
17:54:46.0149 0x3b34 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:54:46.0188 0x3b34 secdrv - ok
17:54:46.0209 0x3b34 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
17:54:46.0230 0x3b34 seclogon - ok
17:54:46.0243 0x3b34 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
17:54:46.0265 0x3b34 SENS - ok
17:54:46.0277 0x3b34 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:54:46.0297 0x3b34 SensrSvc - ok
17:54:46.0311 0x3b34 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:54:46.0332 0x3b34 Serenum - ok
17:54:46.0358 0x3b34 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
17:54:46.0369 0x3b34 Serial - ok
17:54:46.0390 0x3b34 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:54:46.0416 0x3b34 sermouse - ok
17:54:46.0431 0x3b34 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
17:54:46.0489 0x3b34 SessionEnv - ok
17:54:46.0507 0x3b34 [ DDA1B38A59DE5096E2619D4CFDE01F4A, 95E2244EC8FD87741169B75A25458C788A9355EBC7D12C5CD6509DBBB89D4EE6 ] sfdrv01a C:\Windows\system32\drivers\sfdrv01a.sys
17:54:46.0516 0x3b34 sfdrv01a - ok
17:54:46.0533 0x3b34 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:54:46.0543 0x3b34 sffdisk - ok
17:54:46.0546 0x3b34 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:54:46.0557 0x3b34 sffp_mmc - ok
17:54:46.0571 0x3b34 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:54:46.0593 0x3b34 sffp_sd - ok
17:54:46.0608 0x3b34 [ 17F6BD95BF04B924F4C05CE78BEF8AE6, 68D38DC04349DA476B62F853B165EE6B6F42054BCAF2B8F615A6E6BAACD35EB4 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys
17:54:46.0614 0x3b34 sfhlp02 - ok
17:54:46.0631 0x3b34 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:54:46.0659 0x3b34 sfloppy - ok
17:54:46.0690 0x3b34 [ 40CF333266E10137F805B8956FE19031, 9A0C296465E0D9E1F7534E6970090378646A21D168E67CB90810C642F7F33C9E ] sfsync02 C:\Windows\system32\drivers\sfsync02.sys
17:54:46.0697 0x3b34 sfsync02 - ok
17:54:46.0708 0x3b34 [ 4D31B845E4874E1D366EE7B2D8B45AC1, 6AB6D0A3CB5A2A0E0945F4BFCE1DD1ECE8A8B24C2DC33EABC7AB0E0A8413AF00 ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys
17:54:46.0716 0x3b34 sfvfs02 - ok
17:54:46.0734 0x3b34 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:54:46.0765 0x3b34 SharedAccess - ok
17:54:46.0780 0x3b34 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:54:46.0808 0x3b34 ShellHWDetection - ok
17:54:46.0820 0x3b34 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:54:46.0827 0x3b34 SiSRaid2 - ok
17:54:46.0839 0x3b34 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:54:46.0846 0x3b34 SiSRaid4 - ok
17:54:46.0864 0x3b34 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:54:46.0874 0x3b34 SkypeUpdate - ok
17:54:46.0884 0x3b34 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:54:46.0925 0x3b34 Smb - ok
17:54:46.0930 0x3b34 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:54:46.0940 0x3b34 SNMPTRAP - ok
17:54:46.0942 0x3b34 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
17:54:46.0949 0x3b34 spldr - ok
17:54:46.0972 0x3b34 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
17:54:46.0996 0x3b34 Spooler - ok
17:54:47.0091 0x3b34 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
17:54:47.0233 0x3b34 sppsvc - ok
17:54:47.0260 0x3b34 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:54:47.0282 0x3b34 sppuinotify - ok
17:54:47.0310 0x3b34 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:54:47.0341 0x3b34 srv - ok
17:54:47.0361 0x3b34 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:54:47.0394 0x3b34 srv2 - ok
17:54:47.0418 0x3b34 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:54:47.0429 0x3b34 srvnet - ok
17:54:47.0438 0x3b34 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:54:47.0462 0x3b34 SSDPSRV - ok
17:54:47.0467 0x3b34 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:54:47.0488 0x3b34 SstpSvc - ok
17:54:47.0563 0x3b34 [ 7E815DDD79CC73A02A33DF11FABE4E1E, A05A85CDB0CB0AA1AAC93AA801C39242BFE59082E2BC580F04EBFA71B5B61F07 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:54:47.0611 0x3b34 Steam Client Service - ok
17:54:47.0672 0x3b34 [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:54:47.0699 0x3b34 Stereo Service - ok
17:54:47.0718 0x3b34 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:54:47.0725 0x3b34 stexstor - ok
17:54:47.0728 0x3b34 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:54:47.0753 0x3b34 StillCam - ok
17:54:47.0794 0x3b34 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
17:54:47.0840 0x3b34 stisvc - ok
17:54:47.0844 0x3b34 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:54:47.0852 0x3b34 swenum - ok
17:54:47.0878 0x3b34 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
17:54:47.0909 0x3b34 swprv - ok
17:54:47.0974 0x3b34 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
17:54:48.0044 0x3b34 SysMain - ok
17:54:48.0050 0x3b34 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:54:48.0064 0x3b34 TabletInputService - ok
17:54:48.0079 0x3b34 [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
17:54:48.0100 0x3b34 tap0901 - ok
17:54:48.0117 0x3b34 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
17:54:48.0154 0x3b34 TapiSrv - ok
17:54:48.0158 0x3b34 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
17:54:48.0180 0x3b34 TBS - ok
17:54:48.0248 0x3b34 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:54:48.0347 0x3b34 Tcpip - ok
17:54:48.0390 0x3b34 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:54:48.0421 0x3b34 TCPIP6 - ok
17:54:48.0447 0x3b34 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:54:48.0456 0x3b34 tcpipreg - ok
17:54:48.0465 0x3b34 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:54:48.0501 0x3b34 TDPIPE - ok
17:54:48.0525 0x3b34 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:54:48.0534 0x3b34 TDTCP - ok
17:54:48.0539 0x3b34 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:54:48.0561 0x3b34 tdx - ok
17:54:48.0708 0x3b34 [ 9A019ABD9CEAA6EA528E5438402907F7, E1B58B376D142B4472C64D020800AE0AC868C8F4EC18EA45D236E0EB8C3CB6F4 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
17:54:48.0861 0x3b34 TeamViewer9 - ok
17:54:48.0876 0x3b34 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:54:48.0883 0x3b34 TermDD - ok
17:54:48.0907 0x3b34 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
17:54:48.0940 0x3b34 TermService - ok
17:54:48.0943 0x3b34 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
17:54:48.0955 0x3b34 Themes - ok
17:54:48.0959 0x3b34 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
17:54:48.0980 0x3b34 THREADORDER - ok
17:54:48.0986 0x3b34 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
17:54:49.0012 0x3b34 TrkWks - ok
17:54:49.0021 0x3b34 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:54:49.0047 0x3b34 TrustedInstaller - ok
17:54:49.0068 0x3b34 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:54:49.0091 0x3b34 tssecsrv - ok
17:54:49.0103 0x3b34 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:54:49.0122 0x3b34 TsUsbFlt - ok
17:54:49.0137 0x3b34 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:54:49.0166 0x3b34 TsUsbGD - ok
17:54:49.0194 0x3b34 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:54:49.0233 0x3b34 tunnel - ok
17:54:49.0251 0x3b34 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:54:49.0259 0x3b34 uagp35 - ok
17:54:49.0288 0x3b34 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:54:49.0323 0x3b34 udfs - ok
17:54:49.0329 0x3b34 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:54:49.0338 0x3b34 UI0Detect - ok
17:54:49.0359 0x3b34 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:54:49.0366 0x3b34 uliagpkx - ok
17:54:49.0381 0x3b34 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:54:49.0411 0x3b34 umbus - ok
17:54:49.0434 0x3b34 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
17:54:49.0443 0x3b34 UmPass - ok
17:54:49.0469 0x3b34 [ F8626F1D56FA417C3B4AB6114D8471D5, C8AC74A6B0395A2C317F4600630B47D433CF483F7E516EF7356084DA1E8C3275 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:54:49.0481 0x3b34 UNS - ok
17:54:49.0494 0x3b34 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
17:54:49.0533 0x3b34 upnphost - ok
17:54:49.0538 0x3b34 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:54:49.0547 0x3b34 USBAAPL64 - ok
17:54:49.0554 0x3b34 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:54:49.0565 0x3b34 usbccgp - ok
17:54:49.0584 0x3b34 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:54:49.0604 0x3b34 usbcir - ok
17:54:49.0609 0x3b34 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:54:49.0617 0x3b34 usbehci - ok
17:54:49.0635 0x3b34 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:54:49.0667 0x3b34 usbhub - ok
17:54:49.0682 0x3b34 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:54:49.0690 0x3b34 usbohci - ok
17:54:49.0704 0x3b34 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:54:49.0723 0x3b34 usbprint - ok
17:54:49.0728 0x3b34 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:54:49.0747 0x3b34 USBSTOR - ok
17:54:49.0764 0x3b34 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:54:49.0787 0x3b34 usbuhci - ok
17:54:49.0790 0x3b34 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
17:54:49.0812 0x3b34 UxSms - ok
17:54:49.0815 0x3b34 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
17:54:49.0823 0x3b34 VaultSvc - ok
17:54:49.0852 0x3b34 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:54:49.0859 0x3b34 vdrvroot - ok
17:54:49.0878 0x3b34 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
17:54:49.0909 0x3b34 vds - ok
17:54:49.0925 0x3b34 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:54:49.0935 0x3b34 vga - ok
17:54:49.0945 0x3b34 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:54:49.0980 0x3b34 VgaSave - ok
17:54:49.0988 0x3b34 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:54:49.0998 0x3b34 vhdmp - ok
17:54:50.0019 0x3b34 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
17:54:50.0025 0x3b34 viaide - ok
17:54:50.0030 0x3b34 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:54:50.0037 0x3b34 volmgr - ok
17:54:50.0057 0x3b34 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:54:50.0070 0x3b34 volmgrx - ok
17:54:50.0087 0x3b34 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:54:50.0098 0x3b34 volsnap - ok
17:54:50.0114 0x3b34 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:54:50.0124 0x3b34 vsmraid - ok
17:54:50.0168 0x3b34 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
17:54:50.0236 0x3b34 VSS - ok
17:54:50.0360 0x3b34 [ C3382C99F1D10BCBEBC689BF847B77B5, BB11A866595D745BA7427CCB9E1F39F2340BC55B3E61B48B47B8E64384D3FFEA ] vToolbarUpdater3.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
17:54:50.0446 0x3b34 vToolbarUpdater3.2.0 - ok
17:54:50.0452 0x3b34 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:54:50.0483 0x3b34 vwifibus - ok
17:54:50.0516 0x3b34 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
17:54:50.0544 0x3b34 W32Time - ok
17:54:50.0569 0x3b34 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:54:50.0594 0x3b34 WacomPen - ok
17:54:50.0611 0x3b34 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:54:50.0651 0x3b34 WANARP - ok
17:54:50.0654 0x3b34 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:54:50.0674 0x3b34 Wanarpv6 - ok
17:54:50.0721 0x3b34 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
17:54:50.0793 0x3b34 wbengine - ok
17:54:50.0802 0x3b34 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:54:50.0818 0x3b34 WbioSrvc - ok
17:54:50.0844 0x3b34 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:54:50.0863 0x3b34 wcncsvc - ok
17:54:50.0867 0x3b34 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:54:50.0909 0x3b34 WcsPlugInService - ok
17:54:50.0914 0x3b34 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
17:54:50.0928 0x3b34 Wd - ok
17:54:50.0972 0x3b34 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:54:51.0019 0x3b34 Wdf01000 - ok
17:54:51.0025 0x3b34 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:54:51.0104 0x3b34 WdiServiceHost - ok
17:54:51.0110 0x3b34 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:54:51.0126 0x3b34 WdiSystemHost - ok
17:54:51.0157 0x3b34 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
17:54:51.0185 0x3b34 WebClient - ok
17:54:51.0206 0x3b34 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:54:51.0245 0x3b34 Wecsvc - ok
17:54:51.0254 0x3b34 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:54:51.0276 0x3b34 wercplsupport - ok
17:54:51.0282 0x3b34 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
17:54:51.0304 0x3b34 WerSvc - ok
17:54:51.0328 0x3b34 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:54:51.0348 0x3b34 WfpLwf - ok
17:54:51.0370 0x3b34 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:54:51.0377 0x3b34 WIMMount - ok
17:54:51.0379 0x3b34 WinDefend - ok
17:54:51.0388 0x3b34 WinHttpAutoProxySvc - ok
17:54:51.0413 0x3b34 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:54:51.0464 0x3b34 Winmgmt - ok
17:54:51.0524 0x3b34 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
17:54:51.0602 0x3b34 WinRM - ok
17:54:51.0627 0x3b34 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:54:51.0638 0x3b34 WinUsb - ok
17:54:51.0670 0x3b34 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:54:51.0714 0x3b34 Wlansvc - ok
17:54:51.0781 0x3b34 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:54:51.0885 0x3b34 wlidsvc - ok
17:54:51.0893 0x3b34 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:54:51.0906 0x3b34 WmiAcpi - ok
17:54:51.0956 0x3b34 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:54:52.0002 0x3b34 wmiApSrv - ok
17:54:52.0020 0x3b34 WMPNetworkSvc - ok
17:54:52.0026 0x3b34 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:54:52.0056 0x3b34 WPCSvc - ok
17:54:52.0065 0x3b34 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:54:52.0105 0x3b34 WPDBusEnum - ok
17:54:52.0110 0x3b34 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:54:52.0148 0x3b34 ws2ifsl - ok
17:54:52.0161 0x3b34 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
17:54:52.0192 0x3b34 wscsvc - ok
17:54:52.0193 0x3b34 WSearch - ok
17:54:52.0259 0x3b34 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
17:54:52.0365 0x3b34 wuauserv - ok
17:54:52.0390 0x3b34 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:54:52.0426 0x3b34 WudfPf - ok
17:54:52.0450 0x3b34 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:54:52.0475 0x3b34 WUDFRd - ok
17:54:52.0496 0x3b34 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:54:52.0517 0x3b34 wudfsvc - ok
17:54:52.0547 0x3b34 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
17:54:52.0587 0x3b34 WwanSvc - ok
17:54:52.0613 0x3b34 [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
17:54:52.0621 0x3b34 xusb21 - ok
17:54:52.0625 0x3b34 ================ Scan global ===============================
17:54:52.0629 0x3b34 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:54:52.0639 0x3b34 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:54:52.0648 0x3b34 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:54:52.0664 0x3b34 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:54:52.0676 0x3b34 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
17:54:52.0683 0x3b34 [ Global ] - ok
17:54:52.0683 0x3b34 ================ Scan MBR ==================================
17:54:52.0689 0x3b34 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:54:52.0991 0x3b34 \Device\Harddisk0\DR0 - ok
17:54:53.0002 0x3b34 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:54:53.0104 0x3b34 \Device\Harddisk1\DR1 - ok
17:54:53.0104 0x3b34 ================ Scan VBR ==================================
17:54:53.0107 0x3b34 [ 9443E5EEA4F81B7171F0FE33359D4FFD ] \Device\Harddisk0\DR0\Partition1
17:54:53.0123 0x3b34 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
17:54:53.0123 0x3b34 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
17:54:55.0543 0x3b34 [ 8A811C0242ACD6F3CF191030C8E621CB ] \Device\Harddisk0\DR0\Partition2
17:54:55.0567 0x3b34 \Device\Harddisk0\DR0\Partition2 - ok
17:54:55.0588 0x3b34 [ CB1F0DF030BB01E5AAF437785A89057B ] \Device\Harddisk0\DR0\Partition3
17:54:55.0603 0x3b34 \Device\Harddisk0\DR0\Partition3 - ok
17:54:55.0606 0x3b34 [ B40BC0A08101F64916E605AE52C91653 ] \Device\Harddisk1\DR1\Partition1
17:54:55.0686 0x3b34 \Device\Harddisk1\DR1\Partition1 - ok
17:54:55.0687 0x3b34 ================ Scan generic autorun ======================
17:54:55.0880 0x3b34 [ C3803F8E0FC107EFC1F9DE4FB7B7D797, 2D78DE29F4791FCF9A5B358F8266A0E64338B84B95E695EAF1CE958676EEEEB6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:54:56.0077 0x3b34 RTHDVCPL - ok
17:54:56.0170 0x3b34 [ 05470C684B62C2F86325D8685E4513CB, EDE70A162AFA104D774AE1D8D3A077F2C12940851EC5BA785242F4032EEA902E ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:54:56.0240 0x3b34 NvBackend - ok
17:54:56.0245 0x3b34 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
17:54:56.0272 0x3b34 ShadowPlay - ok
17:54:56.0301 0x3b34 [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
17:54:56.0311 0x3b34 USB3MON - ok
17:54:56.0361 0x3b34 [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
17:54:56.0429 0x3b34 AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
17:54:58.0883 0x3b34 Detect skipped due to KSN trusted
17:54:58.0883 0x3b34 AVMWlanClient - ok
17:54:59.0022 0x3b34 [ 6FA1F6B8090F04D581E16212886BD861, 1A0D90C6BC9EBE319BF4524FA0EA326073A256252377B860AF48AECE46B6DAC2 ] C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
17:54:59.0079 0x3b34 Spotify Web Helper - ok
17:54:59.0080 0x3b34 Waiting for KSN requests completion. In queue: 5
17:55:00.0080 0x3b34 Waiting for KSN requests completion. In queue: 5
17:55:01.0080 0x3b34 Waiting for KSN requests completion. In queue: 5
17:55:02.0117 0x3b34 AV detected via SS2: AVG AntiVirus Free Edition 2014, F:\AVG\AVG2014\avgwsc.exe ( 14.0.0.4745 ), 0x41000 ( enabled : updated )
17:55:02.0172 0x3b34 Win FW state via NFP2: enabled
17:55:22.0173 0x3b34 ============================================================
17:55:22.0173 0x3b34 Scan finished
17:55:22.0173 0x3b34 ============================================================
17:55:22.0181 0x1cac Detected object count: 1
17:55:22.0181 0x1cac Actual detected object count: 1
17:55:47.0565 0x1cac \Device\Harddisk0\DR0\Partition1 - copied to quarantine
17:55:47.0570 0x1cac \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
17:55:47.0572 0x1cac \Device\Harddisk0\DR0\Partition1 - ok
17:55:47.0572 0x1cac \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
17:55:47.0697 0x1cac KLMD registered as C:\Windows\system32\drivers\43791328.sys
17:55:57.0050 0x12b8 Deinitialize success
|
|
02.09.2014, 11:19
| #18 |
| | Internetexplorer öffnet mehrere prozesse im Hintergrund Und das FRST
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by Lukas (administrator) on LUKAS-PC on 01-09-2014 18:03:00
Running from C:\Users\Lukas\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgwdsvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) F:\Hi-Rez Studios\HiPatchService.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgcsrva.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) F:\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
(LogMeIn, Inc.) F:\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify Ltd) C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sysinternals - www.sysinternals.com) F:\Taskneu\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Lukas\AppData\Local\Temp\PROCEXP64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6468712 2012-03-20] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoccatIsku] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKone+] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [AVG_UI] => F:\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2680344 2014-08-21] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-180031569-961694194-23704048-1001\...\Run: [Spotify Web Helper] => C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-17] (Spotify Ltd)
IFEO\taskmgr.exe: [Debugger] "F:\TASKNEU\PROCESSEXPLORER\PROCEXP.EXE"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x84EBF4972A10CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default
FF DefaultSearchEngine: Startpage (SSL)
FF SelectedSearchEngine: Startpage (SSL)
FF Homepage: https://mysearch.avg.com?cid={0AD14F67-F534-4502-BC19-6CC463CA048D}&mid=0a482b91193847d2af4d6d4c05ea62f3-1da56f1b2d98c9bf287923e5d312cc0311e6d429&lang=de&ds=AVG&coid=avgtbavg&pr=fr&d=2014-08-21 11:21:41&v=3.2.0.14&pid=wtu&sg=&sap=hp
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Lukas\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @t.garena.com/garenatalk -> F:\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\startpage-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\abs@avira.com [2014-08-31]
FF Extension: AVG Web TuneUp - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\avg@toolbar [2014-08-21]
FF Extension: GFACE Experience Plugin - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07]
FF Extension: YouTube Unblocker - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\youtubeunblocker@unblocker.yt [2014-06-21]
FF Extension: YouTube Center - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-10-24]
FF Extension: Flagfox - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: NoScript - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-12-24]
FF Extension: {b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25} - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25}.xpi [2014-04-19]
FF Extension: SkypeConverter - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{c683a396-4b39-47a4-8598-31b999693be8}.xpi [2014-04-22]
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-24]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; F:\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; F:\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 Hamachi2Svc; F:\LogMeIn Hamachi\hamachi-2.exe [2544976 2014-07-21] (LogMeIn Inc.)
R2 HiPatchService; F:\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-21] ()
R2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-08-21] (AVG Secure Search)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-21] (AVG Technologies)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-04] (DT Soft Ltd)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [106360 2007-01-12] (Protection Technology (StarForce))
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Administrator\Desktop\Install_Test\MIFcom\Support\pcwiz_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\F:\Garena Plus\Room\safedrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-01 18:03 - 2014-09-01 18:03 - 00020395 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-09-01 17:55 - 2014-09-01 17:55 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-08-31 21:40 - 2014-08-31 21:41 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Lukas\Desktop\tdsskiller.exe
2014-08-31 17:20 - 2014-08-31 17:20 - 01397992 _____ () C:\Users\Lukas\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-31 14:52 - 2014-09-01 18:02 - 00000000 ____D () C:\Users\Lukas\Downloads\FRST-OlderVersion
2014-08-31 14:41 - 2014-08-31 14:41 - 00002757 _____ () C:\Users\Lukas\Desktop\FSS.txt
2014-08-31 14:31 - 2014-08-31 14:31 - 00415232 _____ (Farbar) C:\Users\Lukas\Desktop\FSS.exe
2014-08-31 11:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-31 11:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-31 11:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 14:40 - 2014-08-21 14:40 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-21 11:21 - 2014-08-21 17:43 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-08-21 11:21 - 2014-08-21 16:24 - 00000000 ____D () C:\Users\Lukas\AppData\Local\AVG Web TuneUp
2014-08-21 11:21 - 2014-08-21 11:21 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-08-20 22:48 - 2014-09-01 17:57 - 00001008 _____ () C:\Windows\setupact.log
2014-08-20 22:48 - 2014-08-20 22:48 - 00000826 _____ () C:\Windows\PFRO.log
2014-08-20 22:48 - 2014-08-20 22:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-20 14:34 - 2014-08-20 14:34 - 00854417 _____ () C:\Users\Lukas\Desktop\SecurityCheck.exe
2014-08-20 14:05 - 2014-08-20 14:05 - 02347384 _____ (ESET) C:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe
2014-08-19 22:56 - 2014-08-19 22:56 - 00000646 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ___HD () C:\$AVG
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-19 22:36 - 2014-08-19 22:36 - 01016261 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-08-19 22:12 - 2014-08-19 22:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-19 22:11 - 2014-08-19 22:11 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-08-19 22:07 - 2014-08-19 22:07 - 01361671 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
2014-08-19 22:04 - 2014-08-19 22:10 - 00000000 ____D () C:\AdwCleaner
2014-08-19 21:46 - 2014-08-19 22:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 21:46 - 2014-08-19 21:46 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-19 21:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-19 21:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-19 21:44 - 2014-08-19 21:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\AVG2014
2014-08-19 00:50 - 2014-08-19 22:56 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 00:49 - 2014-09-01 11:12 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-19 00:49 - 2014-08-19 00:53 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Avg2014
2014-08-19 00:49 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MFAData
2014-08-19 00:48 - 2014-08-19 00:48 - 158049496 _____ (AVG Technologies) C:\Users\Lukas\Downloads\avg_free_x86_all_2014_4745a8017.exe
2014-08-19 00:08 - 2014-08-19 00:26 - 00000000 ____D () C:\Qoobox
2014-08-19 00:08 - 2014-08-19 00:25 - 00000000 ____D () C:\Windows\erdnt
2014-08-19 00:08 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-19 00:08 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-19 00:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 05572035 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 00003126 _____ () C:\Windows\System32\Tasks\{AA14186A-60C7-49CF-99D8-3DCCE7F0C6B4}
2014-08-18 22:20 - 2014-08-18 22:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas\Downloads\revosetup95.exe
2014-08-18 22:20 - 2014-08-18 22:20 - 00000621 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-08-18 20:58 - 2014-08-18 20:58 - 00000000 ____D () C:\SUPERDelete
2014-08-18 20:53 - 2014-08-18 20:53 - 18841864 _____ (SUPERAntiSpyware) C:\Users\Lukas\Downloads\SUPERAntiSpyware.exe
2014-08-18 20:07 - 2014-08-18 22:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-18 20:06 - 2014-08-18 20:06 - 16409960 _____ (Safer Networking Limited ) C:\Users\Lukas\Downloads\spybotsd162.exe
2014-08-17 18:46 - 2014-08-17 18:46 - 00000244 _____ () C:\Users\Lukas\Downloads\defogger_enable.log
2014-08-17 18:33 - 2014-09-01 18:03 - 00000000 ____D () C:\FRST
2014-08-17 18:32 - 2014-09-01 18:02 - 02104832 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-15 21:53 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 21:53 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 21:53 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 21:53 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 21:53 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 21:52 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 21:52 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 21:52 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 21:52 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 21:52 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 21:52 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 21:52 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 21:52 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 21:52 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 21:52 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 21:52 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 21:52 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 21:52 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 21:52 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 21:52 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 21:52 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 21:52 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 21:52 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 21:52 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 21:52 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 21:52 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 21:52 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 21:52 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 21:52 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 21:52 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 21:52 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 21:52 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 21:52 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 21:51 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 21:51 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
2014-08-02 23:32 - 2014-08-06 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-02 23:00 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 23:00 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 23:00 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 23:00 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 23:00 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 23:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-01 18:03 - 2014-09-01 18:03 - 00020395 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-09-01 18:03 - 2014-08-17 18:33 - 00000000 ____D () C:\FRST
2014-09-01 18:02 - 2014-08-31 14:52 - 00000000 ____D () C:\Users\Lukas\Downloads\FRST-OlderVersion
2014-09-01 18:02 - 2014-08-17 18:32 - 02104832 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-09-01 18:00 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-01 18:00 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-01 17:57 - 2014-08-20 22:48 - 00001008 _____ () C:\Windows\setupact.log
2014-09-01 17:57 - 2012-12-20 13:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-01 17:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-01 17:57 - 2009-07-14 06:45 - 00309008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-01 17:56 - 2012-12-20 13:10 - 01183660 _____ () C:\Windows\WindowsUpdate.log
2014-09-01 17:55 - 2014-09-01 17:55 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-01 17:55 - 2012-12-24 01:24 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TS3Client
2014-09-01 11:12 - 2014-08-19 00:49 - 00000000 ____D () C:\ProgramData\MFAData
2014-09-01 11:07 - 2013-09-13 00:11 - 00000000 ____D () C:\Users\Lukas\Desktop\Herunterfahren
2014-08-31 23:28 - 2014-04-09 21:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Nitro PDF
2014-08-31 21:41 - 2014-08-31 21:40 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Lukas\Desktop\tdsskiller.exe
2014-08-31 21:39 - 2013-01-24 18:08 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-08-31 17:53 - 2013-08-15 17:30 - 00000000 ____D () C:\ProgramData\Origin
2014-08-31 17:52 - 2012-12-22 00:43 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-31 17:29 - 2013-01-31 17:41 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Spotify
2014-08-31 17:21 - 2012-12-22 00:43 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-31 17:21 - 2012-12-22 00:43 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-31 17:20 - 2014-08-31 17:20 - 01397992 _____ () C:\Users\Lukas\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-31 17:20 - 2013-08-23 12:57 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-31 17:06 - 2013-01-31 17:42 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Spotify
2014-08-31 14:41 - 2014-08-31 14:41 - 00002757 _____ () C:\Users\Lukas\Desktop\FSS.txt
2014-08-31 14:31 - 2014-08-31 14:31 - 00415232 _____ (Farbar) C:\Users\Lukas\Desktop\FSS.exe
2014-08-31 13:56 - 2012-12-21 21:10 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-08-23 04:07 - 2014-08-31 11:18 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-31 11:18 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-31 11:18 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 22:37 - 2012-12-24 18:33 - 00000000 ____D () C:\Users\Lukas\AppData\Local\PMB Files
2014-08-22 22:37 - 2012-12-24 18:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-22 20:15 - 2014-02-06 14:35 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Game Dev Tycoon - Steam
2014-08-21 23:33 - 2012-12-22 00:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-21 17:43 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-08-21 16:24 - 2014-08-21 11:21 - 00000000 ____D () C:\Users\Lukas\AppData\Local\AVG Web TuneUp
2014-08-21 14:40 - 2014-08-21 14:40 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-21 14:40 - 2013-10-28 14:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-21 14:40 - 2013-06-23 02:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 11:21 - 2014-08-21 11:21 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-08-21 11:21 - 2014-07-31 03:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-20 22:52 - 2012-12-20 13:04 - 00000000 ____D () C:\Windows\Panther
2014-08-20 22:48 - 2014-08-20 22:48 - 00000826 _____ () C:\Windows\PFRO.log
2014-08-20 22:48 - 2014-08-20 22:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-20 18:08 - 2013-12-11 18:59 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Battle.net
2014-08-20 14:34 - 2014-08-20 14:34 - 00854417 _____ () C:\Users\Lukas\Desktop\SecurityCheck.exe
2014-08-20 14:05 - 2014-08-20 14:05 - 02347384 _____ (ESET) C:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe
2014-08-19 22:56 - 2014-08-19 22:56 - 00000646 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ___HD () C:\$AVG
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-19 22:56 - 2014-08-19 00:50 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 22:36 - 2014-08-19 22:36 - 01016261 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-08-19 22:16 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-08-19 22:16 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-08-19 22:16 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-19 22:12 - 2014-08-19 22:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-19 22:11 - 2014-08-19 22:11 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-08-19 22:10 - 2014-08-19 22:04 - 00000000 ____D () C:\AdwCleaner
2014-08-19 22:07 - 2014-08-19 22:07 - 01361671 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
2014-08-19 22:05 - 2012-12-21 19:36 - 00000000 ____D () C:\Users\Lukas
2014-08-19 22:00 - 2014-08-19 21:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 21:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-19 21:46 - 2014-08-19 21:46 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-19 21:44 - 2014-08-19 21:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 21:19 - 2012-12-24 01:19 - 00000000 ___RD () C:\Users\Lukas\Desktop\Spiele
2014-08-19 21:18 - 2013-01-06 00:40 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Apps\2.0
2014-08-19 00:53 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Avg2014
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\AVG2014
2014-08-19 00:49 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MFAData
2014-08-19 00:48 - 2014-08-19 00:48 - 158049496 _____ (AVG Technologies) C:\Users\Lukas\Downloads\avg_free_x86_all_2014_4745a8017.exe
2014-08-19 00:26 - 2014-08-19 00:08 - 00000000 ____D () C:\Qoobox
2014-08-19 00:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-19 00:25 - 2014-08-19 00:08 - 00000000 ____D () C:\Windows\erdnt
2014-08-19 00:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-19 00:10 - 2014-01-02 22:00 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 23:49 - 2014-08-18 23:49 - 05572035 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 00003126 _____ () C:\Windows\System32\Tasks\{AA14186A-60C7-49CF-99D8-3DCCE7F0C6B4}
2014-08-18 22:20 - 2014-08-18 22:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas\Downloads\revosetup95.exe
2014-08-18 22:20 - 2014-08-18 22:20 - 00000621 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-08-18 22:19 - 2014-08-18 20:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-18 20:58 - 2014-08-18 20:58 - 00000000 ____D () C:\SUPERDelete
2014-08-18 20:53 - 2014-08-18 20:53 - 18841864 _____ (SUPERAntiSpyware) C:\Users\Lukas\Downloads\SUPERAntiSpyware.exe
2014-08-18 20:06 - 2014-08-18 20:06 - 16409960 _____ (Safer Networking Limited ) C:\Users\Lukas\Downloads\spybotsd162.exe
2014-08-18 18:46 - 2013-06-18 17:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft
2014-08-18 16:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-17 18:46 - 2014-08-17 18:46 - 00000244 _____ () C:\Users\Lukas\Downloads\defogger_enable.log
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 18:16 - 2014-01-07 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-08-17 17:59 - 2013-06-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-15 21:58 - 2013-07-24 11:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 21:56 - 2012-12-21 20:07 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 16:10 - 2012-12-21 20:02 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-15 16:10 - 2012-12-21 20:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-12 18:37 - 2012-12-21 21:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 20:58 - 2012-12-27 22:06 - 00000000 ____D () C:\Users\Lukas\Documents\My Games
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-06 15:14 - 2014-08-02 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
Files to move or delete:
====================
C:\Users\Lukas\jagex_cl_runescape_LIVE.dat
C:\Users\Lukas\random.dat
Some content of TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\install_flashplayer14x32axau_mssa_aaa_aih.exe
C:\Users\Lukas\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Lukas\AppData\Local\Temp\PROCEXP64.exe
C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe
C:\Users\Lukas\AppData\Local\Temp\{F280A06E-0FA8-4596-9171-61525725C521}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-01 15:40
==================== End Of Log ============================
--- --- --- Es öffnen sich jetzt auch keine Internetexplorer mehr im Hintergrund  |
|
03.09.2014, 08:06
| #19 |
| /// the machine /// TB-Ausbilder | Internetexplorer öffnet mehrere prozesse im Hintergrund Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Fertig  Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.09.2014, 13:20
| #20 |
| | Internetexplorer öffnet mehrere prozesse im Hintergrund Hier ist der Log und danke für die Hilfe  Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-08-2014 02
Ran by Lukas at 2014-09-03 14:17:01 Run:1
Running from C:\Users\Lukas\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
*****************
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" => Value not found.
==== End of Fixlog ====
Geändert von Sctman (03.09.2014 um 13:26 Uhr) |
|
03.09.2014, 20:55
| #21 |
| /// the machine /// TB-Ausbilder | Internetexplorer öffnet mehrere prozesse im Hintergrund Gern Geschehen
__________________ --> Internetexplorer öffnet mehrere prozesse im Hintergrund |
|
Linear-Darstellung
