Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: DHL Fake Email - Phishing Link leider angeklickt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.03.2015, 21:47   #1
Battleknabe
 
DHL Fake Email - Phishing Link leider angeklickt - Standard

DHL Fake Email - Phishing Link leider angeklickt



Hallo Leute,

ich hab im halbschlaf und einer erwarteten Bestellung zufolge blöderweise den Fake DHL Link angeklickt.

Ich hab dann auch Virusfehlermeldungen bekommen, die vom Avira Anti Vir entdeckt wurden. Malwares Anti Malware hatte auch was entdeckt.

FRST checks sind bereits ausgeführt und angehängt. Könnt ihr mir weiterhelfen? Was ist als nächstes zu tun?

Grüße

Battleknabe

-----------------------------------------------------------------------------------------

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 02.03.2015
Suchlauf-Zeit: 22:32:18
Logdatei:
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.03.02.06
Rootkit Datenbank: v2015.02.25.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Battleknabe

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 331407
Verstrichene Zeit: 7 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 1
Riskware.Vmdetector, C:\Users\Battleknabe\AppData\Local\Temp\nsaE023.tmp\InstallManager.exe, In Quarantäne, [f3cb76ca96f4053102cfb50a14f148b8],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

-----------------------------------------------------------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Battleknabe (administrator) on BATTLESTATION on 05-03-2015 19:17:28
Running from C:\Users\Battleknabe\Desktop
Loaded Profiles: Battleknabe (Available profiles: Battleknabe)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avguard.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTSVCCDA.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WpsSupplicant.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE
() C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) D:\Avira\AntiVir Desktop\avshadow.exe
(Piriform Ltd) D:\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Mozilla Corporation) D:\Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAX] => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2009-06-05] (Analog Devices, Inc.)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [avgnt] => D:\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1896363407-2378880804-2642663278-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2197800 2014-02-17] (Palit Microsystems Ltd.)
HKU\S-1-5-21-1896363407-2378880804-2642663278-1000\...\Run: [CCleaner Monitoring] => D:\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1896363407-2378880804-2642663278-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1896363407-2378880804-2642663278-1000\...\Run: [CTSyncU.exe] => C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe [868352 2007-05-30] ()
HKU\S-1-5-21-1896363407-2378880804-2642663278-1000\...\MountPoints2: {9b1c97fa-3d40-11e4-8c3f-806e6f6e6963} - F:\setup.exe /AUTORUN
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1896363407-2378880804-2642663278-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1896363407-2378880804-2642663278-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKU\S-1-5-21-1896363407-2378880804-2642663278-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1896363407-2378880804-2642663278-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D021115-A510D0E105D5B4CC49CF&form=CONBDF&conlogo=CT3330941&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1896363407-2378880804-2642663278-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = https://www.google.de/search?q={searchTerms}
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Battleknabe\AppData\Roaming\Mozilla\Firefox\Profiles\oi8tkkux.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> D:\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> D:\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> D:\AdobeReader\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Extension: Avira Browser Safety - C:\Users\Battleknabe\AppData\Roaming\Mozilla\Firefox\Profiles\oi8tkkux.default\Extensions\abs@avira.com [2015-02-02]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Battleknabe\AppData\Roaming\Mozilla\Firefox\Profiles\oi8tkkux.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-10-09]
FF Extension: NoScript - C:\Users\Battleknabe\AppData\Roaming\Mozilla\Firefox\Profiles\oi8tkkux.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-10-09]
FF Extension: Adblock Plus - C:\Users\Battleknabe\AppData\Roaming\Mozilla\Firefox\Profiles\oi8tkkux.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-09]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-02-11]
StartMenuInternet: FIREFOX.EXE - D:\Firefox\firefox.exe

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; D:\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 Creative Service for CDROM Access; C:\Windows\SysWOW64\CTsvcCDA.exe [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)
S3 jswpsapi; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [954368 2013-01-22] (Wireless) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WpsSupplicant; C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WpsSupplicant.exe [61440 2013-01-22] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [104448 2012-05-10] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [221184 2012-05-10] (Renesas Electronics Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 19:17 - 2015-03-05 19:17 - 00015237 _____ () C:\Users\Battleknabe\Desktop\FRST.txt
2015-03-05 19:16 - 2015-03-05 19:16 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Battleknabe\Desktop\mbar-1.09.1.1004.exe
2015-03-05 19:15 - 2015-03-05 19:15 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Battleknabe\Desktop\tdsskiller.exe
2015-03-05 18:41 - 2015-03-05 19:17 - 00000000 ____D () C:\FRST
2015-03-05 18:36 - 2015-03-05 18:36 - 02092544 _____ (Farbar) C:\Users\Battleknabe\Desktop\FRST64.exe
2015-03-05 18:11 - 2015-03-05 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-05 18:11 - 2015-03-05 18:11 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-02-28 20:15 - 2015-02-28 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-28 20:15 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-28 20:15 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-28 20:14 - 2015-02-05 18:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-28 20:12 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-28 20:12 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-28 20:12 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-28 20:12 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-28 20:12 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-28 20:12 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-28 20:12 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-28 20:12 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-22 10:42 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-22 10:42 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-22 10:42 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-22 10:42 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-22 10:42 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-22 10:42 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-22 10:42 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-22 10:42 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-22 10:42 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-22 10:42 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-22 10:42 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-22 10:42 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-22 10:42 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-22 10:42 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-22 10:42 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-22 10:42 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-22 10:42 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-22 10:42 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-22 10:42 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-22 10:42 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-22 10:42 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-22 10:42 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-22 10:42 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-22 10:42 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-22 10:42 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-22 10:42 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-22 10:42 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-22 10:42 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-22 10:42 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-22 10:42 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-22 10:42 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-22 10:42 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-22 10:42 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-22 10:42 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-22 10:42 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-22 10:42 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-22 10:42 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-22 10:42 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-22 10:42 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-22 10:42 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-22 10:42 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-22 10:42 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-22 10:42 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-22 10:42 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-22 10:42 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-22 10:42 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-22 10:42 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-22 10:42 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-22 10:42 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-22 10:42 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-22 10:42 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-22 10:42 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-22 10:42 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-22 10:42 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-22 10:42 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-22 10:42 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-22 10:42 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-22 10:42 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-22 10:42 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-22 10:42 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-22 10:42 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-22 10:42 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-22 10:42 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-22 10:42 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-22 10:42 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-22 10:42 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-22 10:42 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-22 10:42 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-22 10:42 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-22 10:42 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-22 10:42 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-22 10:42 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-22 10:42 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-22 10:42 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-22 10:42 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-22 10:42 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-22 10:42 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-22 10:42 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-22 10:42 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-22 10:42 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-22 10:42 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-22 10:42 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-22 10:42 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-22 10:42 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-22 10:42 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-22 10:42 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-22 10:42 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-22 10:42 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-22 10:42 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-22 10:42 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-22 10:42 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-22 10:42 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-22 10:42 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-22 10:42 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-22 10:42 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-22 10:42 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-22 10:42 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-22 10:42 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-22 10:42 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-22 10:42 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-22 10:42 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-22 10:42 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-22 10:42 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-22 10:41 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-20 01:18 - 2015-02-20 01:18 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 17253848 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-20 01:18 - 2015-02-20 01:18 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00399504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00345744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-02-20 01:18 - 2015-02-20 01:18 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-20 01:18 - 2015-02-20 01:18 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-02-11 21:10 - 2015-02-11 21:10 - 00000000 ____D () C:\Users\Battleknabe\AppData\Roaming\PDF Architect 2
2015-02-11 21:10 - 2015-02-11 21:10 - 00000000 ____D () C:\Users\Battleknabe\AppData\Local\PDFCreator
2015-02-11 21:09 - 2015-02-11 21:09 - 00001017 _____ () C:\Users\Public\Desktop\PDF Architect 2.lnk
2015-02-11 21:08 - 2015-02-11 21:09 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 2
2015-02-11 21:08 - 2015-02-11 21:08 - 00000000 ____D () C:\Users\Battleknabe\Documents\PDF Architect 2
2015-02-11 21:08 - 2015-02-11 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2015-02-11 21:07 - 2015-02-11 21:07 - 00114872 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-02-11 21:07 - 2015-02-11 21:07 - 00005152 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2015-02-11 21:07 - 2015-02-11 21:07 - 00002848 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-02-11 21:07 - 2015-02-11 21:07 - 00002848 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-02-11 21:07 - 2015-02-11 21:07 - 00000569 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2015-02-11 21:07 - 2015-02-11 21:07 - 00000000 ____D () C:\Users\Battleknabe\AppData\Roaming\pdfforge
2015-02-11 21:07 - 2015-02-11 21:07 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2015-02-11 21:07 - 2015-02-11 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-02-11 21:07 - 2015-01-23 06:39 - 00378832 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-02-11 21:07 - 2015-01-23 06:39 - 00332216 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 19:03 - 2014-10-07 13:32 - 01984581 _____ () C:\Windows\WindowsUpdate.log
2015-03-05 18:43 - 2014-12-22 23:32 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-05 18:36 - 2014-10-09 19:26 - 00000000 ____D () C:\Users\Battleknabe\AppData\Roaming\PlayCatanClient
2015-03-05 18:20 - 2014-10-29 22:20 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {8E6AB9F5-05EA-4C0D-8613-8FFDA372E41F}.job
2015-03-05 18:19 - 2014-10-29 22:19 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {8E6AB9F5-05EA-4C0D-8613-8FFDA372E41F}.job
2015-03-05 18:17 - 2014-10-07 13:28 - 00015216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-05 18:17 - 2014-10-07 13:28 - 00015216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-05 18:16 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-03-05 18:16 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-03-05 18:16 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-05 18:11 - 2014-10-09 21:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-05 18:10 - 2014-12-22 23:32 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-05 18:10 - 2014-10-09 21:24 - 05269761 _____ () C:\Windows\setupact.log
2015-03-05 18:10 - 2014-10-07 17:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-05 18:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-04 22:50 - 2014-10-09 23:26 - 00000000 ____D () C:\Users\Battleknabe\AppData\Roaming\vlc
2015-03-04 22:26 - 2014-10-10 21:21 - 00364902 _____ () C:\Windows\PFRO.log
2015-03-02 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-03-02 22:32 - 2014-11-06 16:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-02 22:31 - 2014-11-06 16:45 - 00000622 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-02 22:31 - 2014-11-06 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-03-01 14:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-28 21:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-28 20:14 - 2014-10-07 17:07 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-02-22 18:20 - 2014-10-09 21:24 - 00286136 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-22 10:45 - 2014-10-12 14:43 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-22 10:43 - 2014-10-12 14:43 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-20 01:18 - 2014-10-07 17:36 - 18575880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-02-20 01:18 - 2014-10-07 17:36 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-02-20 01:18 - 2014-10-07 17:07 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-02-20 01:18 - 2014-10-07 17:07 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-02-20 01:18 - 2014-10-07 17:07 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-02-20 01:18 - 2014-10-07 17:05 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-02-20 01:18 - 2014-10-07 17:05 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-20 01:18 - 2014-10-07 17:04 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-02-20 01:18 - 2014-10-07 17:04 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-02-14 16:10 - 2014-10-07 13:28 - 00000000 ____D () C:\Users\Battleknabe
2015-02-14 16:10 - 2014-09-16 22:41 - 00000000 ____D () C:\Users\Battleknabe\AppData\Local\VirtualStore
2015-02-09 19:17 - 2014-10-09 18:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-09 19:17 - 2014-10-09 18:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-08 11:37 - 2014-12-22 23:32 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-08 11:37 - 2014-12-22 23:32 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-07 20:09 - 2015-01-02 22:32 - 00000920 _____ () C:\Users\Battleknabe\Desktop\Dune Legacy - Verknüpfung.lnk
2015-02-05 20:07 - 2014-10-07 17:08 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-02-05 20:07 - 2014-10-07 17:08 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-02-05 20:07 - 2014-10-07 17:08 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-02-05 20:07 - 2014-10-07 17:08 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-02-05 20:07 - 2014-10-07 17:08 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-02-05 20:06 - 2014-10-07 17:08 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-02-05 13:50 - 2014-10-07 17:08 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin

Some content of TEMP:
====================
C:\Users\Battleknabe\AppData\Local\Temp\avgnt.exe
C:\Users\Battleknabe\AppData\Local\Temp\CTPBSEQ.EXE
C:\Users\Battleknabe\AppData\Local\Temp\FileSystemView.dll
C:\Users\Battleknabe\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Battleknabe\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Battleknabe\AppData\Local\Temp\SpOrder.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-26 20:53

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Battleknabe at 2015-03-05 19:17:53
Running from C:\Users\Battleknabe\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
ANNO 1503 GOLD (HKLM-x32\...\{DB833EF9-A198-49BE-970A-BD46F30BFBB4}) (Version: 1.05.00 - )
Avira (HKLM-x32\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Castle of Illusion (HKLM-x32\...\Steam App 227600) (Version: - SEGA Studios Australia)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: - )
Creative ZEN V Series (R2) (HKLM-x32\...\{E7F56612-69F7-4F85-AD0B-B04B1C5BC3BD}) (Version: 1.0 - )
Creative-Manager für Wechseldatenträger (HKLM-x32\...\Creative Removable Disk Manager) (Version: - )
Creative-Systeminformationen (HKLM-x32\...\SysInfo) (Version: - )
Druckerdeinstallation für EPSON XP-312 313 315 Series (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version: - )
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.10.5.3 - Marvell)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Firefox 35.0.1 (x86 de) (HKU\S-1-5-21-1896363407-2378880804-2642663278-1000\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
PlayCatan Zugangssoftware (HKLM-x32\...\PlayCatan Client) (Version: 3.1148 - Catan GmbH)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.20.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.20.0 - Renesas Electronics Corporation) Hidden
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6585 - Analog Devices)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Thunder Master v2.1 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 2.1.0.2 - Palit Microsystems Ltd.)
TP-LINK TL-WN881ND Driver (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

28-02-2015 20:13:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 13:34 - 2006-09-18 22:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {067C62B1-C267-4AA9-9AA4-E00CC91C4A03} - System32\Tasks\{DDDC9EB8-8C7B-4A8F-9694-F9A698603FB8} => pcalua.exe -a C:\Users\Battleknabe\AppData\Local\Temp\Temp1_SoundMAX2000B_Audio_V610X6585_Windows7.zip\SoundMAX2000B_Audio_V610X6585_Windows7\AsusSetup.exe
Task: {0AE1CFF2-3353-4529-B920-C0B9E35017AB} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {8E6AB9F5-05EA-4C0D-8613-8FFDA372E41F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {104CF8B1-A4CA-4D1F-BA4A-E67857F7BBBD} - System32\Tasks\CCleanerSkipUAC => D:\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {440DE437-B943-4BA7-B5DD-4248847F6C4D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-22] (Google Inc.)
Task: {64656EE7-A41D-4E25-A68C-1CDB9588487C} - System32\Tasks\EPSON XP-312 313 315 Series Update {8E6AB9F5-05EA-4C0D-8613-8FFDA372E41F} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {6C01EDF3-9BB3-4374-B80F-2FD8484F6F55} - System32\Tasks\{87F98AA4-BC0F-4602-A3F7-7E05AD13FF23} => pcalua.exe -a C:\Users\Battleknabe\AppData\Local\Temp\Temp1_MarvellYukon_Ethernet_V111053_Windows7.zip\MarvellYukon_Ethernet_V111053_Windows7\AsusSetup.exe
Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {8DDE5430-B507-42C6-960E-FA7A1879A4F6} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2014-02-17] (Palit Microsystems Ltd.)
Task: {CDA09C1B-57F2-4831-99CC-CBF31D311E67} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-22] (Google Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {8E6AB9F5-05EA-4C0D-8613-8FFDA372E41F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {8E6AB9F5-05EA-4C0D-8613-8FFDA372E41F}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{8E6AB9F5-05EA-4C0D-8613-8FFDA372E41F} /F:UpdateSYSTEM
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-10-07 17:08 - 2015-02-05 20:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-07 12:51 - 2013-01-22 13:40 - 00061440 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WpsSupplicant.exe
2014-12-21 14:55 - 2007-05-30 13:52 - 00868352 ____N () C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe
2014-10-07 12:51 - 2013-04-09 10:05 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2014-11-22 01:03 - 2014-11-22 01:03 - 00053248 _____ () D:\CCleaner\lang\lang-1031.dll
2014-12-21 14:55 - 2007-03-29 10:49 - 00192512 ____N () C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncRs.crl
2014-10-07 12:51 - 2013-01-22 13:40 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-10-07 12:51 - 2013-04-02 12:41 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2014-10-07 12:51 - 2013-05-07 10:16 - 00138752 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF.dll
2014-10-07 12:51 - 2013-05-07 10:16 - 00115712 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJWF\WJWF_WPS_WIN7.DLL
2015-01-26 22:30 - 2015-01-26 22:30 - 03925104 _____ () D:\Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1896363407-2378880804-2642663278-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Battleknabe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-1896363407-2378880804-2642663278-500 - Administrator - Disabled)
Battleknabe (S-1-5-21-1896363407-2378880804-2642663278-1000 - Administrator - Enabled) => C:\Users\Battleknabe
Gast (S-1-5-21-1896363407-2378880804-2642663278-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1896363407-2378880804-2642663278-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2015 06:12:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2015 10:50:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0xdf4
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (03/04/2015 10:40:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0xa44
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (03/04/2015 10:40:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x994
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (03/04/2015 10:28:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2015 11:09:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2015 08:17:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2015 08:13:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/01/2015 11:34:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/01/2015 11:52:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm EXCEL.EXE, Version 10.0.2614.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 14d4

Startzeit: 01d0540d950a40be

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE

Berichts-ID: 1b4fc919-c001-11e4-853c-00221514fabf


System errors:
=============
Error: (02/11/2015 09:33:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "LavasoftTcpService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/07/2015 10:30:43 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/21/2014 02:32:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst wuauserv erreicht.

Error: (12/21/2014 02:31:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Appinfo erreicht.

Error: (12/21/2014 02:31:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (12/21/2014 02:30:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht.

Error: (12/21/2014 02:30:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (12/21/2014 02:29:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (12/21/2014 02:29:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Anwendungserfahrung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/21/2014 02:29:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AeLookupSvc erreicht.


Microsoft Office Sessions:
=========================
Error: (03/05/2015 06:12:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/04/2015 10:50:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4df401d056c4f86fe82dD:\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll8986091e-c2b8-11e4-8ebf-00221514fabf

Error: (03/04/2015 10:40:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4a4401d056c3d15702b0D:\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll1063258b-c2b7-11e4-8ebf-00221514fabf

Error: (03/04/2015 10:40:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.5.000000000ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e499401d056c2e4f518d4D:\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll0881f637-c2b7-11e4-8ebf-00221514fabf

Error: (03/04/2015 10:28:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2015 11:09:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2015 08:17:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2015 08:13:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/01/2015 11:34:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/01/2015 11:52:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: EXCEL.EXE10.0.2614.014d401d0540d950a40be10C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE1b4fc919-c001-11e4-853c-00221514fabf


CodeIntegrity Errors:
===================================
Date: 2014-10-07 14:09:58.142
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-07 14:09:58.126
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-07 14:09:58.111
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-07 14:09:58.080
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-07 14:09:58.064
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-07 14:09:34.680
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-07 14:09:34.664
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-07 14:09:34.648
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-07 14:09:34.617
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-10-07 14:09:34.602
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 36%
Total physical RAM: 4095.04 MB
Available physical RAM: 2595.16 MB
Total Pagefile: 8188.27 MB
Available Pagefile: 6273.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:58.59 GB) (Free:25.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Programme) (Fixed) (Total:179.88 GB) (Free:171.19 GB) NTFS
Drive e: (Datenspeicher (DDR1)) (Fixed) (Total:149.05 GB) (Free:71.73 GB) NTFS
Drive f: (NEU) (CDROM) (Total:0.43 GB) (Free:0 GB) CDFS
Drive h: (USB-HDD) (Fixed) (Total:298.02 GB) (Free:34.91 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 8BE2DFA9)
Partition 1: (Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=179.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: E838E838)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 298.1 GB) (Disk ID: 09EBFBBD)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0C)

==================== End Of Log ============================

Alt 05.03.2015, 22:00   #2
schrauber
/// the machine
/// TB-Ausbilder
 

DHL Fake Email - Phishing Link leider angeklickt - Standard

DHL Fake Email - Phishing Link leider angeklickt



Hi,

Logs bitte immer in codetags posten.

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 07.03.2015, 16:30   #3
Battleknabe
 
DHL Fake Email - Phishing Link leider angeklickt - Standard

DHL Fake Email - Phishing Link leider angeklickt



Danke für die Antwort, jetzt hab ich die Zeit gefunden. TDSKiller ist ohne Fund durchgelaufen. Gibt es noch was zu tun oder ist damit alles klar?

HTML-Code:
16:17:56.0911 0x0350  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:18:03.0653 0x0350  ============================================================
16:18:03.0653 0x0350  Current date / time: 2015/03/07 16:18:03.0653
16:18:03.0653 0x0350  SystemInfo:
16:18:03.0653 0x0350  
16:18:03.0653 0x0350  OS Version: 6.1.7601 ServicePack: 1.0
16:18:03.0653 0x0350  Product type: Workstation
16:18:03.0653 0x0350  ComputerName: BATTLESTATION
16:18:03.0653 0x0350  UserName: Battleknabe
16:18:03.0653 0x0350  Windows directory: C:\Windows
16:18:03.0653 0x0350  System windows directory: C:\Windows
16:18:03.0653 0x0350  Running under WOW64
16:18:03.0653 0x0350  Processor architecture: Intel x64
16:18:03.0653 0x0350  Number of processors: 2
16:18:03.0653 0x0350  Page size: 0x1000
16:18:03.0653 0x0350  Boot type: Normal boot
16:18:03.0653 0x0350  ============================================================
16:18:03.0865 0x0350  KLMD registered as C:\Windows\system32\drivers\00396154.sys
16:18:03.0945 0x0350  System UUID: {2DE1EDE4-A5E4-09B7-7E0D-473131B7BFEC}
16:18:04.0285 0x0350  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:18:04.0285 0x0350  Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:18:04.0285 0x0350  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:18:04.0585 0x0350  Drive \Device\Harddisk3\DR3 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:18:04.0965 0x0350  ============================================================
16:18:04.0965 0x0350  \Device\Harddisk0\DR0:
16:18:04.0965 0x0350  MBR partitions:
16:18:04.0965 0x0350  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x7530000
16:18:04.0965 0x0350  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7530800, BlocksNum 0x167C2000
16:18:04.0965 0x0350  \Device\Harddisk1\DR1:
16:18:04.0975 0x0350  MBR partitions:
16:18:04.0975 0x0350  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
16:18:04.0975 0x0350  \Device\Harddisk2\DR2:
16:18:04.0975 0x0350  MBR partitions:
16:18:04.0975 0x0350  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74706D71
16:18:04.0975 0x0350  \Device\Harddisk3\DR3:
16:18:04.0975 0x0350  MBR partitions:
16:18:04.0975 0x0350  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2542D682
16:18:04.0975 0x0350  ============================================================
16:18:04.0975 0x0350  C: <-> \Device\Harddisk0\DR0\Partition1
16:18:04.0975 0x0350  D: <-> \Device\Harddisk0\DR0\Partition2
16:18:04.0985 0x0350  E: <-> \Device\Harddisk1\DR1\Partition1
16:18:04.0985 0x0350  H: <-> \Device\Harddisk3\DR3\Partition1
16:18:05.0035 0x0350  I: <-> \Device\Harddisk2\DR2\Partition1
16:18:05.0035 0x0350  ============================================================
16:18:05.0035 0x0350  Initialize success
16:18:05.0035 0x0350  ============================================================
16:18:44.0493 0x0ef4  ============================================================
16:18:44.0493 0x0ef4  Scan started
16:18:44.0493 0x0ef4  Mode: Manual; SigCheck; TDLFS; 
16:18:44.0493 0x0ef4  ============================================================
16:18:44.0493 0x0ef4  KSN ping started
16:18:58.0143 0x0ef4  KSN ping finished: true
16:18:58.0403 0x0ef4  ================ Scan system memory ========================
16:18:58.0403 0x0ef4  System memory - ok
16:18:58.0403 0x0ef4  ================ Scan services =============================
16:18:58.0463 0x0ef4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:18:58.0513 0x0ef4  1394ohci - ok
16:18:58.0523 0x0ef4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:18:58.0543 0x0ef4  ACPI - ok
16:18:58.0543 0x0ef4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:18:58.0573 0x0ef4  AcpiPmi - ok
16:18:58.0583 0x0ef4  [ 1C090E86AFD15231377AD37436C3C719, 7C8C679ADB7AF0A965508012C4F3F2FA68D0BFE0E04941B94693D94DB0931B53 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
16:18:58.0613 0x0ef4  ADIHdAudAddService - ok
16:18:58.0623 0x0ef4  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:18:58.0633 0x0ef4  AdobeARMservice - ok
16:18:58.0653 0x0ef4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:18:58.0683 0x0ef4  adp94xx - ok
16:18:58.0703 0x0ef4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:18:58.0728 0x0ef4  adpahci - ok
16:18:58.0735 0x0ef4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:18:58.0745 0x0ef4  adpu320 - ok
16:18:58.0755 0x0ef4  [ 3BDB13C79CC8C06E2F8182595903ED69, 9E00D6649E862DE6812718B091C350E05A2C5C4D28DE8E05E3DD1F789A04EE96 ] AEADIFilters    C:\Windows\system32\AEADISRV.EXE
16:18:58.0775 0x0ef4  AEADIFilters - ok
16:18:58.0775 0x0ef4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:18:58.0845 0x0ef4  AeLookupSvc - ok
16:18:58.0855 0x0ef4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:18:58.0885 0x0ef4  AFD - ok
16:18:58.0895 0x0ef4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:18:58.0915 0x0ef4  agp440 - ok
16:18:58.0915 0x0ef4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:18:58.0935 0x0ef4  ALG - ok
16:18:58.0935 0x0ef4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:18:58.0945 0x0ef4  aliide - ok
16:18:58.0955 0x0ef4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:18:58.0965 0x0ef4  amdide - ok
16:18:58.0965 0x0ef4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:18:58.0985 0x0ef4  AmdK8 - ok
16:18:58.0995 0x0ef4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:18:59.0005 0x0ef4  AmdPPM - ok
16:18:59.0015 0x0ef4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:18:59.0035 0x0ef4  amdsata - ok
16:18:59.0035 0x0ef4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:18:59.0055 0x0ef4  amdsbs - ok
16:18:59.0065 0x0ef4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:18:59.0075 0x0ef4  amdxata - ok
16:18:59.0085 0x0ef4  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirSchedulerService D:\Avira\AntiVir Desktop\sched.exe
16:18:59.0115 0x0ef4  AntiVirSchedulerService - ok
16:18:59.0125 0x0ef4  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirService  D:\Avira\AntiVir Desktop\avguard.exe
16:18:59.0145 0x0ef4  AntiVirService - ok
16:18:59.0145 0x0ef4  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:18:59.0215 0x0ef4  AppID - ok
16:18:59.0225 0x0ef4  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:18:59.0255 0x0ef4  AppIDSvc - ok
16:18:59.0255 0x0ef4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:18:59.0275 0x0ef4  Appinfo - ok
16:18:59.0285 0x0ef4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:18:59.0295 0x0ef4  arc - ok
16:18:59.0305 0x0ef4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:18:59.0315 0x0ef4  arcsas - ok
16:18:59.0335 0x0ef4  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:18:59.0345 0x0ef4  aspnet_state - ok
16:18:59.0355 0x0ef4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:18:59.0385 0x0ef4  AsyncMac - ok
16:18:59.0395 0x0ef4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:18:59.0405 0x0ef4  atapi - ok
16:18:59.0457 0x0ef4  [ 7D89B0C443F6068E5B27AA3B972069FF, 34CBB7D44D060F1D614BCA1357C8A260A002C21E67D33E819F57815AC400CCBD ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:18:59.0509 0x0ef4  athr - ok
16:18:59.0529 0x0ef4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:18:59.0559 0x0ef4  AudioEndpointBuilder - ok
16:18:59.0579 0x0ef4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:18:59.0599 0x0ef4  AudioSrv - ok
16:18:59.0609 0x0ef4  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
16:18:59.0821 0x0ef4  avgntflt - ok
16:18:59.0831 0x0ef4  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:18:59.0841 0x0ef4  avipbb - ok
16:18:59.0851 0x0ef4  [ ABDAEBEB09E98D13D765A0C57F3FAF88, F9E5F9A13E983BEAF32FA53736FB188280AAA44740696DFB95B8C10E8FEA466D ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
16:18:59.0861 0x0ef4  Avira.OE.ServiceHost - ok
16:18:59.0871 0x0ef4  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
16:18:59.0881 0x0ef4  avkmgr - ok
16:18:59.0891 0x0ef4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:18:59.0911 0x0ef4  AxInstSV - ok
16:18:59.0921 0x0ef4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:18:59.0951 0x0ef4  b06bdrv - ok
16:18:59.0961 0x0ef4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:18:59.0981 0x0ef4  b57nd60a - ok
16:18:59.0991 0x0ef4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:19:00.0011 0x0ef4  BDESVC - ok
16:19:00.0021 0x0ef4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:19:00.0051 0x0ef4  Beep - ok
16:19:00.0071 0x0ef4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:19:00.0101 0x0ef4  BFE - ok
16:19:00.0121 0x0ef4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:19:00.0171 0x0ef4  BITS - ok
16:19:00.0171 0x0ef4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:19:00.0191 0x0ef4  blbdrive - ok
16:19:00.0201 0x0ef4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:19:00.0221 0x0ef4  bowser - ok
16:19:00.0221 0x0ef4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:19:00.0241 0x0ef4  BrFiltLo - ok
16:19:00.0251 0x0ef4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:19:00.0271 0x0ef4  BrFiltUp - ok
16:19:00.0271 0x0ef4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:19:00.0301 0x0ef4  Browser - ok
16:19:00.0311 0x0ef4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:19:00.0341 0x0ef4  Brserid - ok
16:19:00.0341 0x0ef4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:19:00.0361 0x0ef4  BrSerWdm - ok
16:19:00.0361 0x0ef4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:19:00.0397 0x0ef4  BrUsbMdm - ok
16:19:00.0400 0x0ef4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:19:00.0420 0x0ef4  BrUsbSer - ok
16:19:00.0426 0x0ef4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:19:00.0494 0x0ef4  BTHMODEM - ok
16:19:00.0506 0x0ef4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:19:00.0553 0x0ef4  bthserv - ok
16:19:00.0553 0x0ef4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:19:00.0593 0x0ef4  cdfs - ok
16:19:00.0593 0x0ef4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
16:19:00.0633 0x0ef4  cdrom - ok
16:19:00.0639 0x0ef4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:19:00.0680 0x0ef4  CertPropSvc - ok
16:19:00.0684 0x0ef4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:19:00.0716 0x0ef4  circlass - ok
16:19:00.0727 0x0ef4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:19:00.0755 0x0ef4  CLFS - ok
16:19:00.0765 0x0ef4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:19:00.0785 0x0ef4  clr_optimization_v2.0.50727_32 - ok
16:19:00.0795 0x0ef4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:19:00.0805 0x0ef4  clr_optimization_v2.0.50727_64 - ok
16:19:00.0824 0x0ef4  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:19:00.0837 0x0ef4  clr_optimization_v4.0.30319_32 - ok
16:19:00.0837 0x0ef4  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:19:00.0847 0x0ef4  clr_optimization_v4.0.30319_64 - ok
16:19:00.0857 0x0ef4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:19:00.0867 0x0ef4  CmBatt - ok
16:19:00.0877 0x0ef4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:19:00.0887 0x0ef4  cmdide - ok
16:19:00.0897 0x0ef4  [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:19:00.0937 0x0ef4  CNG - ok
16:19:00.0937 0x0ef4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:19:00.0960 0x0ef4  Compbatt - ok
16:19:00.0964 0x0ef4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:19:00.0979 0x0ef4  CompositeBus - ok
16:19:00.0979 0x0ef4  COMSysApp - ok
16:19:00.0979 0x0ef4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:19:00.0999 0x0ef4  crcdisk - ok
16:19:01.0019 0x0ef4  [ 3C8B6609712F4FF78E521F6DCFC4032B, DFCFD5F2D35DDA25DD91B4D732BDF84D1526AB11084E22523D51ABB2A8608402 ] Creative Service for CDROM Access C:\Windows\SysWOW64\CTsvcCDA.exe
16:19:01.0029 0x0ef4  Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic ( 1 )
16:19:03.0689 0x0ef4  Detect skipped due to KSN trusted
16:19:03.0689 0x0ef4  Creative Service for CDROM Access - ok
16:19:03.0699 0x0ef4  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:19:03.0719 0x0ef4  CryptSvc - ok
16:19:03.0729 0x0ef4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:19:03.0769 0x0ef4  DcomLaunch - ok
16:19:03.0779 0x0ef4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:19:03.0819 0x0ef4  defragsvc - ok
16:19:03.0829 0x0ef4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:19:03.0859 0x0ef4  DfsC - ok
16:19:03.0869 0x0ef4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:19:03.0899 0x0ef4  Dhcp - ok
16:19:03.0899 0x0ef4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:19:03.0939 0x0ef4  discache - ok
16:19:03.0939 0x0ef4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:19:03.0959 0x0ef4  Disk - ok
16:19:03.0959 0x0ef4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:19:03.0989 0x0ef4  Dnscache - ok
16:19:03.0999 0x0ef4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:19:04.0039 0x0ef4  dot3svc - ok
16:19:04.0039 0x0ef4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:19:04.0069 0x0ef4  DPS - ok
16:19:04.0079 0x0ef4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:19:04.0089 0x0ef4  drmkaud - ok
16:19:04.0119 0x0ef4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:19:04.0149 0x0ef4  DXGKrnl - ok
16:19:04.0159 0x0ef4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:19:04.0189 0x0ef4  EapHost - ok
16:19:04.0259 0x0ef4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:19:04.0349 0x0ef4  ebdrv - ok
16:19:04.0359 0x0ef4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS             C:\Windows\System32\lsass.exe
16:19:04.0379 0x0ef4  EFS - ok
16:19:04.0399 0x0ef4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:19:04.0447 0x0ef4  ehRecvr - ok
16:19:04.0453 0x0ef4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:19:04.0478 0x0ef4  ehSched - ok
16:19:04.0491 0x0ef4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:19:04.0511 0x0ef4  elxstor - ok
16:19:04.0521 0x0ef4  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
16:19:04.0541 0x0ef4  EpsonScanSvc - ok
16:19:04.0541 0x0ef4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:19:04.0551 0x0ef4  ErrDev - ok
16:19:04.0571 0x0ef4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:19:04.0619 0x0ef4  EventSystem - ok
16:19:04.0628 0x0ef4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:19:04.0663 0x0ef4  exfat - ok
16:19:04.0673 0x0ef4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:19:04.0705 0x0ef4  fastfat - ok
16:19:04.0725 0x0ef4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:19:04.0745 0x0ef4  Fax - ok
16:19:04.0755 0x0ef4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:19:04.0765 0x0ef4  fdc - ok
16:19:04.0775 0x0ef4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:19:04.0805 0x0ef4  fdPHost - ok
16:19:04.0805 0x0ef4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:19:04.0845 0x0ef4  FDResPub - ok
16:19:04.0845 0x0ef4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:19:04.0865 0x0ef4  FileInfo - ok
16:19:04.0865 0x0ef4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:19:04.0895 0x0ef4  Filetrace - ok
16:19:04.0905 0x0ef4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:19:04.0915 0x0ef4  flpydisk - ok
16:19:04.0925 0x0ef4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:19:04.0945 0x0ef4  FltMgr - ok
16:19:04.0975 0x0ef4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:19:05.0015 0x0ef4  FontCache - ok
16:19:05.0025 0x0ef4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:19:05.0035 0x0ef4  FontCache3.0.0.0 - ok
16:19:05.0045 0x0ef4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:19:05.0055 0x0ef4  FsDepends - ok
16:19:05.0065 0x0ef4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:19:05.0075 0x0ef4  Fs_Rec - ok
16:19:05.0085 0x0ef4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:19:05.0105 0x0ef4  fvevol - ok
16:19:05.0115 0x0ef4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:19:05.0125 0x0ef4  gagp30kx - ok
16:19:05.0155 0x0ef4  [ C511B8331F7CCB3FD7902958C261CC85, DCF70C551A559A539C3366657EBBAC9A39CEFA916010813FE70D51D7742C0C1B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:19:05.0195 0x0ef4  GfExperienceService - ok
16:19:05.0215 0x0ef4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:19:05.0265 0x0ef4  gpsvc - ok
16:19:05.0275 0x0ef4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:19:05.0285 0x0ef4  gupdate - ok
16:19:05.0285 0x0ef4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:19:05.0295 0x0ef4  gupdatem - ok
16:19:05.0295 0x0ef4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:19:05.0315 0x0ef4  hcw85cir - ok
16:19:05.0325 0x0ef4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:19:05.0355 0x0ef4  HdAudAddService - ok
16:19:05.0355 0x0ef4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:19:05.0375 0x0ef4  HDAudBus - ok
16:19:05.0375 0x0ef4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:19:05.0401 0x0ef4  HidBatt - ok
16:19:05.0407 0x0ef4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:19:05.0428 0x0ef4  HidBth - ok
16:19:05.0435 0x0ef4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:19:05.0457 0x0ef4  HidIr - ok
16:19:05.0467 0x0ef4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:19:05.0513 0x0ef4  hidserv - ok
16:19:05.0517 0x0ef4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:19:05.0529 0x0ef4  HidUsb - ok
16:19:05.0529 0x0ef4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:19:05.0569 0x0ef4  hkmsvc - ok
16:19:05.0579 0x0ef4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:19:05.0599 0x0ef4  HomeGroupListener - ok
16:19:05.0609 0x0ef4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:19:05.0639 0x0ef4  HomeGroupProvider - ok
16:19:05.0649 0x0ef4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:19:05.0668 0x0ef4  HpSAMD - ok
16:19:05.0681 0x0ef4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:19:05.0731 0x0ef4  HTTP - ok
16:19:05.0741 0x0ef4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:19:05.0751 0x0ef4  hwpolicy - ok
16:19:05.0761 0x0ef4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:19:05.0771 0x0ef4  i8042prt - ok
16:19:05.0791 0x0ef4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:19:05.0811 0x0ef4  iaStorV - ok
16:19:05.0831 0x0ef4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:19:05.0871 0x0ef4  idsvc - ok
16:19:05.0881 0x0ef4  IEEtwCollectorService - ok
16:19:05.0881 0x0ef4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:19:05.0901 0x0ef4  iirsp - ok
16:19:05.0921 0x0ef4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:19:05.0951 0x0ef4  IKEEXT - ok
16:19:05.0961 0x0ef4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:19:05.0971 0x0ef4  intelide - ok
16:19:05.0981 0x0ef4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:19:05.0991 0x0ef4  intelppm - ok
16:19:05.0991 0x0ef4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:19:06.0031 0x0ef4  IPBusEnum - ok
16:19:06.0041 0x0ef4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:19:06.0071 0x0ef4  IpFilterDriver - ok
16:19:06.0081 0x0ef4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:19:06.0111 0x0ef4  iphlpsvc - ok
16:19:06.0111 0x0ef4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:19:06.0131 0x0ef4  IPMIDRV - ok
16:19:06.0141 0x0ef4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:19:06.0171 0x0ef4  IPNAT - ok
16:19:06.0171 0x0ef4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:19:06.0201 0x0ef4  IRENUM - ok
16:19:06.0201 0x0ef4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:19:06.0211 0x0ef4  isapnp - ok
16:19:06.0221 0x0ef4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:19:06.0251 0x0ef4  iScsiPrt - ok
16:19:06.0271 0x0ef4  [ E712A6B57943D65AA587655335EF9DAD, 8F3D46C1BA612EA845722B2D7C568BFE3AB00763094AE163EE8B5672D9D3B071 ] jswpsapi        C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe
16:19:06.0311 0x0ef4  jswpsapi - detected UnsignedFile.Multi.Generic ( 1 )
16:19:09.0051 0x0ef4  Detect skipped due to KSN trusted
16:19:09.0051 0x0ef4  jswpsapi - ok
16:19:09.0051 0x0ef4  [ 5BE640E88814B77A9E84B4549B5DCC2C, 2ECF73254D701EFCC135B81EC951A76BCE5E74435521A061B05E9445C8D3C843 ] JSWPSLWF        C:\Windows\system32\DRIVERS\jswpslwfx.sys
16:19:09.0081 0x0ef4  JSWPSLWF - ok
16:19:09.0081 0x0ef4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:19:09.0101 0x0ef4  kbdclass - ok
16:19:09.0101 0x0ef4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:19:09.0121 0x0ef4  kbdhid - ok
16:19:09.0121 0x0ef4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso          C:\Windows\system32\lsass.exe
16:19:09.0131 0x0ef4  KeyIso - ok
16:19:09.0141 0x0ef4  [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:19:09.0151 0x0ef4  KSecDD - ok
16:19:09.0161 0x0ef4  [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:19:09.0181 0x0ef4  KSecPkg - ok
16:19:09.0181 0x0ef4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:19:09.0211 0x0ef4  ksthunk - ok
16:19:09.0221 0x0ef4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:19:09.0271 0x0ef4  KtmRm - ok
16:19:09.0271 0x0ef4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:19:09.0311 0x0ef4  LanmanServer - ok
16:19:09.0321 0x0ef4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:19:09.0361 0x0ef4  LanmanWorkstation - ok
16:19:09.0361 0x0ef4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:19:09.0401 0x0ef4  lltdio - ok
16:19:09.0411 0x0ef4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:19:09.0463 0x0ef4  lltdsvc - ok
16:19:09.0473 0x0ef4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:19:09.0505 0x0ef4  lmhosts - ok
16:19:09.0515 0x0ef4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:19:09.0535 0x0ef4  LSI_FC - ok
16:19:09.0535 0x0ef4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:19:09.0555 0x0ef4  LSI_SAS - ok
16:19:09.0555 0x0ef4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:19:09.0575 0x0ef4  LSI_SAS2 - ok
16:19:09.0585 0x0ef4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:19:09.0605 0x0ef4  LSI_SCSI - ok
16:19:09.0605 0x0ef4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:19:09.0645 0x0ef4  luafv - ok
16:19:09.0655 0x0ef4  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
16:19:09.0685 0x0ef4  LVRS64 - ok
16:19:09.0785 0x0ef4  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
16:19:09.0915 0x0ef4  LVUVC64 - ok
16:19:09.0925 0x0ef4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:19:09.0945 0x0ef4  Mcx2Svc - ok
16:19:09.0955 0x0ef4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:19:09.0965 0x0ef4  megasas - ok
16:19:09.0975 0x0ef4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:19:09.0995 0x0ef4  MegaSR - ok
16:19:10.0005 0x0ef4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:19:10.0035 0x0ef4  MMCSS - ok
16:19:10.0035 0x0ef4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:19:10.0075 0x0ef4  Modem - ok
16:19:10.0075 0x0ef4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:19:10.0085 0x0ef4  monitor - ok
16:19:10.0095 0x0ef4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
16:19:10.0105 0x0ef4  mouclass - ok
16:19:10.0115 0x0ef4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:19:10.0125 0x0ef4  mouhid - ok
16:19:10.0135 0x0ef4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:19:10.0145 0x0ef4  mountmgr - ok
16:19:10.0155 0x0ef4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:19:10.0175 0x0ef4  mpio - ok
16:19:10.0175 0x0ef4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:19:10.0215 0x0ef4  mpsdrv - ok
16:19:10.0225 0x0ef4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:19:10.0285 0x0ef4  MpsSvc - ok
16:19:10.0295 0x0ef4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:19:10.0305 0x0ef4  MRxDAV - ok
16:19:10.0315 0x0ef4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:19:10.0335 0x0ef4  mrxsmb - ok
16:19:10.0345 0x0ef4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:19:10.0365 0x0ef4  mrxsmb10 - ok
16:19:10.0375 0x0ef4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:19:10.0395 0x0ef4  mrxsmb20 - ok
16:19:10.0395 0x0ef4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:19:10.0415 0x0ef4  msahci - ok
16:19:10.0425 0x0ef4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:19:10.0448 0x0ef4  msdsm - ok
16:19:10.0456 0x0ef4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:19:10.0477 0x0ef4  MSDTC - ok
16:19:10.0477 0x0ef4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:19:10.0517 0x0ef4  Msfs - ok
16:19:10.0517 0x0ef4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:19:10.0590 0x0ef4  mshidkmdf - ok
16:19:10.0595 0x0ef4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:19:10.0599 0x0ef4  msisadrv - ok
16:19:10.0609 0x0ef4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:19:10.0649 0x0ef4  MSiSCSI - ok
16:19:10.0659 0x0ef4  msiserver - ok
16:19:10.0669 0x0ef4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:19:10.0702 0x0ef4  MSKSSRV - ok
16:19:10.0707 0x0ef4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:19:10.0731 0x0ef4  MSPCLOCK - ok
16:19:10.0741 0x0ef4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:19:10.0775 0x0ef4  MSPQM - ok
16:19:10.0783 0x0ef4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:19:10.0803 0x0ef4  MsRPC - ok
16:19:10.0813 0x0ef4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:19:10.0823 0x0ef4  mssmbios - ok
16:19:10.0823 0x0ef4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:19:10.0853 0x0ef4  MSTEE - ok
16:19:10.0863 0x0ef4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:19:10.0873 0x0ef4  MTConfig - ok
16:19:10.0873 0x0ef4  [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
16:19:10.0893 0x0ef4  MTsensor - ok
16:19:10.0893 0x0ef4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:19:10.0903 0x0ef4  Mup - ok
16:19:10.0923 0x0ef4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:19:10.0953 0x0ef4  napagent - ok
16:19:10.0963 0x0ef4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:19:11.0003 0x0ef4  NativeWifiP - ok
16:19:11.0023 0x0ef4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:19:11.0053 0x0ef4  NDIS - ok
16:19:11.0053 0x0ef4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:19:11.0083 0x0ef4  NdisCap - ok
16:19:11.0093 0x0ef4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:19:11.0123 0x0ef4  NdisTapi - ok
16:19:11.0123 0x0ef4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:19:11.0163 0x0ef4  Ndisuio - ok
16:19:11.0163 0x0ef4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:19:11.0203 0x0ef4  NdisWan - ok
16:19:11.0213 0x0ef4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:19:11.0243 0x0ef4  NDProxy - ok
16:19:11.0243 0x0ef4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:19:11.0283 0x0ef4  NetBIOS - ok
16:19:11.0293 0x0ef4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:19:11.0333 0x0ef4  NetBT - ok
16:19:11.0333 0x0ef4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon        C:\Windows\system32\lsass.exe
16:19:11.0343 0x0ef4  Netlogon - ok
16:19:11.0363 0x0ef4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:19:11.0403 0x0ef4  Netman - ok
16:19:11.0413 0x0ef4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:19:11.0444 0x0ef4  NetMsmqActivator - ok
16:19:11.0462 0x0ef4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:19:11.0482 0x0ef4  NetPipeActivator - ok
16:19:11.0496 0x0ef4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:19:11.0535 0x0ef4  netprofm - ok
16:19:11.0545 0x0ef4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:19:11.0555 0x0ef4  NetTcpActivator - ok
16:19:11.0555 0x0ef4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:19:11.0575 0x0ef4  NetTcpPortSharing - ok
16:19:11.0585 0x0ef4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:19:11.0595 0x0ef4  nfrd960 - ok
16:19:11.0605 0x0ef4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:19:11.0637 0x0ef4  NlaSvc - ok
16:19:11.0637 0x0ef4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:19:11.0677 0x0ef4  Npfs - ok
16:19:11.0677 0x0ef4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:19:11.0719 0x0ef4  nsi - ok
16:19:11.0729 0x0ef4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:19:11.0759 0x0ef4  nsiproxy - ok
16:19:11.0799 0x0ef4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:19:11.0849 0x0ef4  Ntfs - ok
16:19:11.0859 0x0ef4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:19:11.0889 0x0ef4  Null - ok
16:19:11.0889 0x0ef4  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:19:11.0909 0x0ef4  NVHDA - ok
16:19:12.0109 0x0ef4  [ 3B99271224C43ADAB5A7F8D4B574AE3F, 931B011EA7796C61922D892C11D880BCC0383FCECABC4F4855AF89BA20B9B01B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:19:12.0329 0x0ef4  nvlddmkm - ok
16:19:12.0389 0x0ef4  [ CF4905C5F3179F20DA550CD135EE90EE, D887773F537268CD1141776FC439299C2C9F2986D7962D83FE534E3CD4F983AD ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:19:12.0449 0x0ef4  NvNetworkService - ok
16:19:12.0472 0x0ef4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:19:12.0497 0x0ef4  nvraid - ok
16:19:12.0504 0x0ef4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:19:12.0521 0x0ef4  nvstor - ok
16:19:12.0521 0x0ef4  [ 6B2CFB1BF233F6946F293B5B30FD599A, 91FC84D5D0497235015850FA1DFFFD8EDEB3C89FAB0BAD65AC86E161CC3593BD ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:19:12.0531 0x0ef4  NvStreamKms - ok
16:19:12.0913 0x0ef4  [ 2FAD0F3004D0CFEE5148CB36E6999DBD, 4EE62420BBC6B81048B35E549F2332EA3640B41101FC174C74CCCC412AF0D6E3 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
16:19:13.0363 0x0ef4  NvStreamSvc - ok
16:19:13.0427 0x0ef4  [ 97ADEBE576474D4CEC53F8E06590FFC8, 2CC8587AAB595D7621AA57A33D94789BD9DC6DBFB4FA9BDEFBB425B7ACCB65AB ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:19:13.0466 0x0ef4  nvsvc - ok
16:19:13.0479 0x0ef4  [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:19:13.0497 0x0ef4  nvvad_WaveExtensible - ok
16:19:13.0503 0x0ef4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:19:13.0515 0x0ef4  nv_agp - ok
16:19:13.0525 0x0ef4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:19:13.0535 0x0ef4  ohci1394 - ok
16:19:13.0545 0x0ef4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:19:13.0565 0x0ef4  p2pimsvc - ok
16:19:13.0575 0x0ef4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:19:13.0605 0x0ef4  p2psvc - ok
16:19:13.0615 0x0ef4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:19:13.0635 0x0ef4  Parport - ok
16:19:13.0635 0x0ef4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:19:13.0655 0x0ef4  partmgr - ok
16:19:13.0665 0x0ef4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:19:13.0697 0x0ef4  PcaSvc - ok
16:19:13.0704 0x0ef4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:19:13.0717 0x0ef4  pci - ok
16:19:13.0727 0x0ef4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:19:13.0737 0x0ef4  pciide - ok
16:19:13.0747 0x0ef4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:19:13.0767 0x0ef4  pcmcia - ok
16:19:13.0767 0x0ef4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:19:13.0777 0x0ef4  pcw - ok
16:19:13.0817 0x0ef4  [ 8F98C4BC605261B4B6E568FE791EB67A, 7B0D99D972A60423F7378BEE886061695FDA79B59AFF939744A130721E0174A1 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
16:19:13.0877 0x0ef4  PDF Architect 2 - ok
16:19:13.0897 0x0ef4  [ B2309F132A31AF03C0A249AEDE8CF289, BBAE32AA55E495ACB9A8089C090ADD78BE1DC16233CAA61BBED1456CA718D430 ] PDF Architect 2 Creator C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
16:19:13.0927 0x0ef4  PDF Architect 2 Creator - ok
16:19:13.0947 0x0ef4  [ 9077A3059AB47834633AEAAED465F3D9, 9CA662E9CBA30795E4E5DAB3E309D2062FFDC2053C261054E24EF7EE5300F69F ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
16:19:13.0987 0x0ef4  pdfforge CrashHandler - ok
16:19:13.0997 0x0ef4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:19:14.0047 0x0ef4  PEAUTH - ok
16:19:14.0077 0x0ef4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:19:14.0097 0x0ef4  PerfHost - ok
16:19:14.0127 0x0ef4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:19:14.0187 0x0ef4  pla - ok
16:19:14.0207 0x0ef4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:19:14.0237 0x0ef4  PlugPlay - ok
16:19:14.0237 0x0ef4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:19:14.0257 0x0ef4  PNRPAutoReg - ok
16:19:14.0267 0x0ef4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:19:14.0277 0x0ef4  PNRPsvc - ok
16:19:14.0287 0x0ef4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:19:14.0337 0x0ef4  PolicyAgent - ok
16:19:14.0347 0x0ef4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:19:14.0377 0x0ef4  Power - ok
16:19:14.0387 0x0ef4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:19:14.0423 0x0ef4  PptpMiniport - ok
16:19:14.0427 0x0ef4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:19:14.0444 0x0ef4  Processor - ok
16:19:14.0449 0x0ef4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:19:14.0479 0x0ef4  ProfSvc - ok
16:19:14.0479 0x0ef4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:19:14.0489 0x0ef4  ProtectedStorage - ok
16:19:14.0499 0x0ef4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:19:14.0529 0x0ef4  Psched - ok
16:19:14.0559 0x0ef4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:19:14.0609 0x0ef4  ql2300 - ok
16:19:14.0625 0x0ef4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:19:14.0644 0x0ef4  ql40xx - ok
16:19:14.0655 0x0ef4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:19:14.0681 0x0ef4  QWAVE - ok
16:19:14.0681 0x0ef4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:19:14.0701 0x0ef4  QWAVEdrv - ok
16:19:14.0711 0x0ef4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:19:14.0741 0x0ef4  RasAcd - ok
16:19:14.0741 0x0ef4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:19:14.0771 0x0ef4  RasAgileVpn - ok
16:19:14.0781 0x0ef4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:19:14.0821 0x0ef4  RasAuto - ok
16:19:14.0821 0x0ef4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:19:14.0851 0x0ef4  Rasl2tp - ok
16:19:14.0861 0x0ef4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:19:14.0901 0x0ef4  RasMan - ok
16:19:14.0911 0x0ef4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:19:14.0941 0x0ef4  RasPppoe - ok
16:19:14.0951 0x0ef4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:19:14.0981 0x0ef4  RasSstp - ok
16:19:14.0991 0x0ef4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:19:15.0031 0x0ef4  rdbss - ok
16:19:15.0031 0x0ef4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:19:15.0051 0x0ef4  rdpbus - ok
16:19:15.0051 0x0ef4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:19:15.0081 0x0ef4  RDPCDD - ok
16:19:15.0091 0x0ef4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:19:15.0121 0x0ef4  RDPENCDD - ok
16:19:15.0121 0x0ef4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:19:15.0151 0x0ef4  RDPREFMP - ok
16:19:15.0161 0x0ef4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:19:15.0171 0x0ef4  RdpVideoMiniport - ok
16:19:15.0181 0x0ef4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:19:15.0201 0x0ef4  RDPWD - ok
16:19:15.0201 0x0ef4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:19:15.0221 0x0ef4  rdyboost - ok
16:19:15.0231 0x0ef4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:19:15.0261 0x0ef4  RemoteAccess - ok
16:19:15.0271 0x0ef4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:19:15.0311 0x0ef4  RemoteRegistry - ok
16:19:15.0311 0x0ef4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:19:15.0351 0x0ef4  RpcEptMapper - ok
16:19:15.0351 0x0ef4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:19:15.0371 0x0ef4  RpcLocator - ok
16:19:15.0381 0x0ef4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:19:15.0424 0x0ef4  RpcSs - ok
16:19:15.0430 0x0ef4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:19:15.0473 0x0ef4  rspndr - ok
16:19:15.0473 0x0ef4  [ 82CA49238FDAE1251C5C6DD59EB1E3B7, A919900E4B171A1EFBAAC8D2C43B159F29D03792DAC19C5F3FF26A80631E93F9 ] rusb3hub        C:\Windows\system32\DRIVERS\rusb3hub.sys
16:19:15.0500 0x0ef4  rusb3hub - ok
16:19:15.0505 0x0ef4  [ C3556D7131F2C00EEFB6C7DC7CD3ACA8, 512E7B48A3DA83C18950C44E517C0122E6AF056AC8A383B26ACE6138061352BF ] rusb3xhc        C:\Windows\system32\DRIVERS\rusb3xhc.sys
16:19:15.0525 0x0ef4  rusb3xhc - ok
16:19:15.0525 0x0ef4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs           C:\Windows\system32\lsass.exe
16:19:15.0535 0x0ef4  SamSs - ok
16:19:15.0545 0x0ef4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:19:15.0555 0x0ef4  sbp2port - ok
16:19:15.0565 0x0ef4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:19:15.0615 0x0ef4  SCardSvr - ok
16:19:15.0615 0x0ef4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:19:15.0652 0x0ef4  scfilter - ok
16:19:15.0677 0x0ef4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:19:15.0737 0x0ef4  Schedule - ok
16:19:15.0747 0x0ef4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:19:15.0767 0x0ef4  SCPolicySvc - ok
16:19:15.0777 0x0ef4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:19:15.0797 0x0ef4  SDRSVC - ok
16:19:15.0797 0x0ef4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:19:15.0837 0x0ef4  secdrv - ok
16:19:15.0837 0x0ef4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:19:15.0867 0x0ef4  seclogon - ok
16:19:15.0867 0x0ef4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:19:15.0907 0x0ef4  SENS - ok
16:19:15.0907 0x0ef4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:19:15.0927 0x0ef4  SensrSvc - ok
16:19:15.0927 0x0ef4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:19:15.0947 0x0ef4  Serenum - ok
16:19:15.0947 0x0ef4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:19:15.0967 0x0ef4  Serial - ok
16:19:15.0967 0x0ef4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:19:15.0987 0x0ef4  sermouse - ok
16:19:15.0997 0x0ef4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:19:16.0037 0x0ef4  SessionEnv - ok
16:19:16.0037 0x0ef4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:19:16.0047 0x0ef4  sffdisk - ok
16:19:16.0057 0x0ef4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:19:16.0067 0x0ef4  sffp_mmc - ok
16:19:16.0067 0x0ef4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:19:16.0087 0x0ef4  sffp_sd - ok
16:19:16.0087 0x0ef4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:19:16.0107 0x0ef4  sfloppy - ok
16:19:16.0117 0x0ef4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:19:16.0157 0x0ef4  SharedAccess - ok
16:19:16.0177 0x0ef4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:19:16.0217 0x0ef4  ShellHWDetection - ok
16:19:16.0217 0x0ef4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:19:16.0227 0x0ef4  SiSRaid2 - ok
16:19:16.0237 0x0ef4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:19:16.0257 0x0ef4  SiSRaid4 - ok
16:19:16.0257 0x0ef4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:19:16.0287 0x0ef4  Smb - ok
16:19:16.0297 0x0ef4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:19:16.0317 0x0ef4  SNMPTRAP - ok
16:19:16.0317 0x0ef4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:19:16.0327 0x0ef4  spldr - ok
16:19:16.0347 0x0ef4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:19:16.0377 0x0ef4  Spooler - ok
16:19:16.0466 0x0ef4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:19:16.0559 0x0ef4  sppsvc - ok
16:19:16.0579 0x0ef4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:19:16.0619 0x0ef4  sppuinotify - ok
16:19:16.0629 0x0ef4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:19:16.0661 0x0ef4  srv - ok
16:19:16.0681 0x0ef4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:19:16.0701 0x0ef4  srv2 - ok
16:19:16.0711 0x0ef4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:19:16.0731 0x0ef4  srvnet - ok
16:19:16.0731 0x0ef4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:19:16.0771 0x0ef4  SSDPSRV - ok
16:19:16.0781 0x0ef4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:19:16.0811 0x0ef4  SstpSvc - ok
16:19:16.0831 0x0ef4  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:19:16.0871 0x0ef4  Steam Client Service - ok
16:19:16.0881 0x0ef4  [ 49B1E5AF3AA400752A20BE169CB73DFA, D990BC79B289912EB07F3FD50F1236C593A45C5E9B7BD8162269687258E07CE2 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:19:16.0911 0x0ef4  Stereo Service - ok
16:19:16.0911 0x0ef4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:19:16.0921 0x0ef4  stexstor - ok
16:19:16.0941 0x0ef4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:19:16.0981 0x0ef4  stisvc - ok
16:19:16.0981 0x0ef4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:19:16.0991 0x0ef4  swenum - ok
16:19:17.0011 0x0ef4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:19:17.0061 0x0ef4  swprv - ok
16:19:17.0091 0x0ef4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:19:17.0151 0x0ef4  SysMain - ok
16:19:17.0151 0x0ef4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:19:17.0181 0x0ef4  TabletInputService - ok
16:19:17.0191 0x0ef4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:19:17.0231 0x0ef4  TapiSrv - ok
16:19:17.0231 0x0ef4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:19:17.0261 0x0ef4  TBS - ok
16:19:17.0301 0x0ef4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:19:17.0361 0x0ef4  Tcpip - ok
16:19:17.0411 0x0ef4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:19:17.0466 0x0ef4  TCPIP6 - ok
16:19:17.0480 0x0ef4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:19:17.0498 0x0ef4  tcpipreg - ok
16:19:17.0503 0x0ef4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:19:17.0513 0x0ef4  TDPIPE - ok
16:19:17.0513 0x0ef4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:19:17.0533 0x0ef4  TDTCP - ok
16:19:17.0533 0x0ef4  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:19:17.0553 0x0ef4  tdx - ok
16:19:17.0553 0x0ef4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:19:17.0573 0x0ef4  TermDD - ok
16:19:17.0593 0x0ef4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:19:17.0623 0x0ef4  TermService - ok
16:19:17.0633 0x0ef4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:19:17.0663 0x0ef4  Themes - ok
16:19:17.0663 0x0ef4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:19:17.0695 0x0ef4  THREADORDER - ok
16:19:17.0705 0x0ef4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:19:17.0735 0x0ef4  TrkWks - ok
16:19:17.0745 0x0ef4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:19:17.0775 0x0ef4  TrustedInstaller - ok
16:19:17.0785 0x0ef4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:19:17.0795 0x0ef4  tssecsrv - ok
16:19:17.0795 0x0ef4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:19:17.0815 0x0ef4  TsUsbFlt - ok
16:19:17.0825 0x0ef4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:19:17.0855 0x0ef4  tunnel - ok
16:19:17.0855 0x0ef4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:19:17.0875 0x0ef4  uagp35 - ok
16:19:17.0875 0x0ef4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:19:17.0915 0x0ef4  udfs - ok
16:19:17.0925 0x0ef4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:19:17.0945 0x0ef4  UI0Detect - ok
16:19:17.0945 0x0ef4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:19:17.0965 0x0ef4  uliagpkx - ok
16:19:17.0965 0x0ef4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:19:17.0985 0x0ef4  umbus - ok
16:19:17.0985 0x0ef4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:19:18.0005 0x0ef4  UmPass - ok
16:19:18.0015 0x0ef4  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
16:19:18.0035 0x0ef4  UMVPFSrv - ok
16:19:18.0045 0x0ef4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:19:18.0085 0x0ef4  upnphost - ok
16:19:18.0095 0x0ef4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:19:18.0115 0x0ef4  usbaudio - ok
16:19:18.0115 0x0ef4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:19:18.0135 0x0ef4  usbccgp - ok
16:19:18.0135 0x0ef4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:19:18.0155 0x0ef4  usbcir - ok
16:19:18.0165 0x0ef4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:19:18.0175 0x0ef4  usbehci - ok
16:19:18.0185 0x0ef4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:19:18.0215 0x0ef4  usbhub - ok
16:19:18.0215 0x0ef4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:19:18.0225 0x0ef4  usbohci - ok
16:19:18.0235 0x0ef4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:19:18.0245 0x0ef4  usbprint - ok
16:19:18.0255 0x0ef4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:19:18.0265 0x0ef4  USBSTOR - ok
16:19:18.0275 0x0ef4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:19:18.0285 0x0ef4  usbuhci - ok
16:19:18.0295 0x0ef4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:19:18.0315 0x0ef4  usbvideo - ok
16:19:18.0315 0x0ef4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:19:18.0355 0x0ef4  UxSms - ok
16:19:18.0355 0x0ef4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc        C:\Windows\system32\lsass.exe
16:19:18.0365 0x0ef4  VaultSvc - ok
16:19:18.0375 0x0ef4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:19:18.0385 0x0ef4  vdrvroot - ok
16:19:18.0405 0x0ef4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:19:18.0473 0x0ef4  vds - ok
16:19:18.0483 0x0ef4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:19:18.0497 0x0ef4  vga - ok
16:19:18.0497 0x0ef4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:19:18.0527 0x0ef4  VgaSave - ok
16:19:18.0537 0x0ef4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:19:18.0557 0x0ef4  vhdmp - ok
16:19:18.0557 0x0ef4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:19:18.0577 0x0ef4  viaide - ok
16:19:18.0587 0x0ef4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:19:18.0607 0x0ef4  volmgr - ok
16:19:18.0621 0x0ef4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:19:18.0639 0x0ef4  volmgrx - ok
16:19:18.0649 0x0ef4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:19:18.0679 0x0ef4  volsnap - ok
16:19:18.0689 0x0ef4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:19:18.0699 0x0ef4  vsmraid - ok
16:19:18.0739 0x0ef4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:19:18.0809 0x0ef4  VSS - ok
16:19:18.0809 0x0ef4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:19:18.0829 0x0ef4  vwifibus - ok
16:19:18.0829 0x0ef4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:19:18.0849 0x0ef4  vwififlt - ok
16:19:18.0859 0x0ef4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:19:18.0909 0x0ef4  W32Time - ok
16:19:18.0909 0x0ef4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:19:18.0929 0x0ef4  WacomPen - ok
16:19:18.0929 0x0ef4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:19:18.0959 0x0ef4  WANARP - ok
16:19:18.0969 0x0ef4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:19:18.0999 0x0ef4  Wanarpv6 - ok
16:19:19.0029 0x0ef4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:19:19.0079 0x0ef4  wbengine - ok
16:19:19.0089 0x0ef4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:19:19.0109 0x0ef4  WbioSrvc - ok
16:19:19.0119 0x0ef4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:19:19.0149 0x0ef4  wcncsvc - ok
16:19:19.0159 0x0ef4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:19:19.0179 0x0ef4  WcsPlugInService - ok
16:19:19.0179 0x0ef4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:19:19.0199 0x0ef4  Wd - ok
16:19:19.0209 0x0ef4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:19:19.0249 0x0ef4  Wdf01000 - ok
16:19:19.0249 0x0ef4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:19:19.0269 0x0ef4  WdiServiceHost - ok
16:19:19.0279 0x0ef4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:19:19.0289 0x0ef4  WdiSystemHost - ok
16:19:19.0299 0x0ef4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:19:19.0319 0x0ef4  WebClient - ok
16:19:19.0329 0x0ef4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:19:19.0369 0x0ef4  Wecsvc - ok
16:19:19.0379 0x0ef4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:19:19.0420 0x0ef4  wercplsupport - ok
16:19:19.0424 0x0ef4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:19:19.0461 0x0ef4  WerSvc - ok
16:19:19.0461 0x0ef4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:19:19.0503 0x0ef4  WfpLwf - ok
16:19:19.0503 0x0ef4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:19:19.0523 0x0ef4  WIMMount - ok
16:19:19.0523 0x0ef4  WinDefend - ok
16:19:19.0533 0x0ef4  WinHttpAutoProxySvc - ok
16:19:19.0543 0x0ef4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:19:19.0583 0x0ef4  Winmgmt - ok
16:19:19.0635 0x0ef4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
16:19:19.0695 0x0ef4  WinRM - ok
16:19:19.0714 0x0ef4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:19:19.0727 0x0ef4  WinUsb - ok
16:19:19.0747 0x0ef4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:19:19.0787 0x0ef4  Wlansvc - ok
16:19:19.0797 0x0ef4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:19:19.0807 0x0ef4  WmiAcpi - ok
16:19:19.0817 0x0ef4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:19:19.0837 0x0ef4  wmiApSrv - ok
16:19:19.0837 0x0ef4  WMPNetworkSvc - ok
16:19:19.0847 0x0ef4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:19:19.0867 0x0ef4  WPCSvc - ok
16:19:19.0867 0x0ef4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:19:19.0887 0x0ef4  WPDBusEnum - ok
16:19:19.0887 0x0ef4  [ F41B4726BE452724737ECFE1FB17E4E7, B0FEBBAFE87785998DCFF3BE41CDA49427AE139DA859E83D3C499D1133091498 ] WpsSupplicant   C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\WpsSupplicant.exe
16:19:19.0907 0x0ef4  WpsSupplicant - detected UnsignedFile.Multi.Generic ( 1 )
16:19:22.0547 0x0ef4  Detect skipped due to KSN trusted
16:19:22.0547 0x0ef4  WpsSupplicant - ok
16:19:22.0547 0x0ef4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:19:22.0597 0x0ef4  ws2ifsl - ok
16:19:22.0607 0x0ef4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:19:22.0631 0x0ef4  wscsvc - ok
16:19:22.0637 0x0ef4  WSearch - ok
16:19:22.0689 0x0ef4  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:19:22.0759 0x0ef4  wuauserv - ok
16:19:22.0769 0x0ef4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:19:22.0779 0x0ef4  WudfPf - ok
16:19:22.0789 0x0ef4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:19:22.0809 0x0ef4  WUDFRd - ok
16:19:22.0809 0x0ef4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:19:22.0829 0x0ef4  wudfsvc - ok
16:19:22.0839 0x0ef4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:19:22.0859 0x0ef4  WwanSvc - ok
16:19:22.0879 0x0ef4  [ 64F88AF327AA74E03658AE32B48CCB8B, 52C8941D96F2EF89BBC4A4268DC59E5BC89AE2DAB199C13BBFF11C2606BE7FFA ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
16:19:22.0899 0x0ef4  yukonw7 - ok
16:19:22.0899 0x0ef4  ================ Scan global ===============================
16:19:22.0899 0x0ef4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:19:22.0919 0x0ef4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:19:22.0939 0x0ef4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:19:22.0939 0x0ef4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:19:22.0959 0x0ef4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:19:22.0969 0x0ef4  [ Global ] - ok
16:19:22.0969 0x0ef4  ================ Scan MBR ==================================
16:19:22.0969 0x0ef4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:19:23.0059 0x0ef4  \Device\Harddisk0\DR0 - ok
16:19:23.0059 0x0ef4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:19:23.0109 0x0ef4  \Device\Harddisk1\DR1 - ok
16:19:23.0119 0x0ef4  [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk2\DR2
16:19:23.0689 0x0ef4  \Device\Harddisk2\DR2 - ok
16:19:23.0689 0x0ef4  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk3\DR3
16:19:24.0149 0x0ef4  \Device\Harddisk3\DR3 - ok
16:19:24.0149 0x0ef4  ================ Scan VBR ==================================
16:19:24.0149 0x0ef4  [ 89FAE9272C7CDEF75ADA5BD75C67F80C ] \Device\Harddisk0\DR0\Partition1
16:19:24.0149 0x0ef4  \Device\Harddisk0\DR0\Partition1 - ok
16:19:24.0149 0x0ef4  [ 8FE02974BC6EFCC26B6EB5B1B7D91767 ] \Device\Harddisk0\DR0\Partition2
16:19:24.0159 0x0ef4  \Device\Harddisk0\DR0\Partition2 - ok
16:19:24.0159 0x0ef4  [ BF72251CC89EE8729CA0980F44A37789 ] \Device\Harddisk1\DR1\Partition1
16:19:24.0159 0x0ef4  \Device\Harddisk1\DR1\Partition1 - ok
16:19:24.0159 0x0ef4  [ 9C95D52E00F1DBE38AAF8F3D881038F9 ] \Device\Harddisk2\DR2\Partition1
16:19:24.0229 0x0ef4  \Device\Harddisk2\DR2\Partition1 - ok
16:19:24.0229 0x0ef4  [ A3C75FFC36233FA046A38341FE0A8CCC ] \Device\Harddisk3\DR3\Partition1
16:19:24.0239 0x0ef4  \Device\Harddisk3\DR3\Partition1 - ok
16:19:24.0249 0x0ef4  ================ Scan generic autorun ======================
16:19:24.0329 0x0ef4  [ CA6DE8C65A9178FB6639D781B0BA9EB2, 2D7DF39A952CCE0E21BADE59329E90A90565E45BFF2C41C31B3E124833D42E19 ] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe
16:19:24.0441 0x0ef4  SoundMAX - detected UnsignedFile.Multi.Generic ( 1 )
16:19:27.0101 0x0ef4  Detect skipped due to KSN trusted
16:19:27.0101 0x0ef4  SoundMAX - ok
16:19:27.0161 0x0ef4  [ D6DBF46C5CAE0EEDA1DF1BD080D6FE3B, F93A5992B384B663F3A9D60BADA8E031A45B96A66C9AEA4B948563520DB69992 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:19:27.0221 0x0ef4  NvBackend - ok
16:19:27.0231 0x0ef4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:19:27.0241 0x0ef4  ShadowPlay - ok
16:19:27.0271 0x0ef4  [ 20FFCFC9D896DA49D5F542E76F3DC0F1, 8FE9C01B2F8B924B49377C53B5C3FF08A337905BC6B90E33677F090D04EB68B6 ] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
16:19:27.0321 0x0ef4  SoundMAXPnP - ok
16:19:27.0321 0x0ef4  [ 5A77E2A4DD76B0733CF30AAD21AB3587, 345C43F209CD29C7A1E8BD88C725D154C29F47B767CD3749EE61601EB4DDDC03 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
16:19:27.0341 0x0ef4  RUSB3MON - ok
16:19:27.0361 0x0ef4  [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] D:\Avira\AntiVir Desktop\avgnt.exe
16:19:27.0381 0x0ef4  avgnt - ok
16:19:27.0414 0x0ef4  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:19:27.0433 0x0ef4  Adobe ARM - ok
16:19:27.0470 0x0ef4  [ 9153F2335BCDB87F41559CF066223BF9, C0F89F9A63B1F49F007A971F5180128EC0AFBBBF7CFA82CA1FA44CB9DB5F8BB3 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
16:19:27.0498 0x0ef4  SunJavaUpdateSched - ok
16:19:27.0505 0x0ef4  [ 8CB85437667AEDBD8497D2CA85F4A17A, 196F1F3208674944C554624E5DA6A614F8070467E32F0C1BAB9AC409783E5804 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
16:19:27.0515 0x0ef4  Avira Systray - ok
16:19:27.0545 0x0ef4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:19:27.0595 0x0ef4  Sidebar - ok
16:19:27.0605 0x0ef4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:19:27.0634 0x0ef4  mctadmin - ok
16:19:27.0661 0x0ef4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:19:27.0695 0x0ef4  Sidebar - ok
16:19:27.0697 0x0ef4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:19:27.0707 0x0ef4  mctadmin - ok
16:19:27.0747 0x0ef4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
16:19:27.0797 0x0ef4  Sidebar - ok
16:19:27.0837 0x0ef4  [ DFA30F50064C7A181982DF6285CA20C9, FDC494C3A109C8DCA846DE6392299AD296F6AAA26FF937575169B56A98C34957 ] C:\Program Files (x86)\Thunder Master\THPanel.exe
16:19:27.0887 0x0ef4  THPanel - ok
16:19:28.0037 0x0ef4  [ 18EE6C694976C4D205AF24D6CCE3B660, 262F8B929CBBC8BFDD465826A27625ED9508A7C325C45F1964A4EFAC36D60056 ] D:\CCleaner\CCleaner64.exe
16:19:28.0187 0x0ef4  CCleaner Monitoring - ok
16:19:28.0217 0x0ef4  [ EFC73875D6A2DECAD030633A9A75F00A, AA7B65649B37FFC68A6FFB23CBBE73E1BB873C840B9EA0049421D2B4C0EC364F ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE
16:19:28.0237 0x0ef4  EPLTarget\P0000000000000000 - ok
16:19:28.0257 0x0ef4  [ 7AD7938740BB1A6694E8E85E14DEAF51, EAECDB27226FC43A3037937E1BCF36DAF478D8CC7DCF0407B07274784C7F7AAA ] C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe
16:19:28.0277 0x0ef4  CTSyncU.exe - detected UnsignedFile.Multi.Generic ( 1 )
16:19:30.0929 0x0ef4  Detect skipped due to KSN trusted
16:19:30.0929 0x0ef4  CTSyncU.exe - ok
16:19:30.0929 0x0ef4  Waiting for KSN requests completion. In queue: 16
16:19:31.0929 0x0ef4  Waiting for KSN requests completion. In queue: 16
16:19:32.0929 0x0ef4  Waiting for KSN requests completion. In queue: 16
16:19:33.0949 0x0ef4  AV detected via SS2: Avira Desktop, D:\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
16:19:33.0949 0x0ef4  Win FW state via NFP2: enabled
16:19:36.0609 0x0ef4  ============================================================
16:19:36.0609 0x0ef4  Scan finished
16:19:36.0609 0x0ef4  ============================================================
16:19:36.0609 0x0a60  Detected object count: 0
16:19:36.0609 0x0a60  Actual detected object count: 0
__________________

Alt 08.03.2015, 08:40   #4
schrauber
/// the machine
/// TB-Ausbilder
 

DHL Fake Email - Phishing Link leider angeklickt - Standard

DHL Fake Email - Phishing Link leider angeklickt



Sieh gut aus. Kommen noch Meldungen?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.03.2015, 18:07   #5
Battleknabe
 
DHL Fake Email - Phishing Link leider angeklickt - Standard

DHL Fake Email - Phishing Link leider angeklickt



Bislang keine Fehlermeldungen mehr. Auf den ersten Blick haben Virenscanner und AntiMalware das schlimmste vermieden.

Danke für die Hilfe! Super das es Leute mit Ahnung gibt, die das ganze hier ehrenamtlich machen.


Alt 08.03.2015, 19:31   #6
schrauber
/// the machine
/// TB-Ausbilder
 

DHL Fake Email - Phishing Link leider angeklickt - Standard

DHL Fake Email - Phishing Link leider angeklickt



Gern Geschehen
__________________
--> DHL Fake Email - Phishing Link leider angeklickt

Antwort

Themen zu DHL Fake Email - Phishing Link leider angeklickt
adware, antivir, antivirus, avira, browser, dhl-delivery-email, email, firefox, flash player, helper, home, homepage, installmanager.exe, kaspersky, mozilla, newtab, phishing, programm, registry, rundll, schutz, secur, security, services.exe, software, svchost.exe, usb, windows



Ähnliche Themen: DHL Fake Email - Phishing Link leider angeklickt


  1. Phishing SMS iPhone Link angeklickt
    Alles rund um Mac OSX & Linux - 04.11.2015 (1)
  2. Phishing SMS iPhone Link angeklickt
    Smartphone, Tablet & Handy Security - 04.11.2015 (6)
  3. Hab leider einen Link in einer Email angeklickt
    Plagegeister aller Art und deren Bekämpfung - 17.08.2015 (9)
  4. DHL Paketankündigung fake email - leider versehentlich den Sendungsstatus link angeklickt - Infiziert?
    Plagegeister aller Art und deren Bekämpfung - 13.05.2015 (38)
  5. Phishing Mail DHL Link angeklickt
    Log-Analyse und Auswertung - 26.03.2015 (13)
  6. DHL Phishing Mail Link angeklickt
    Plagegeister aller Art und deren Bekämpfung - 15.03.2015 (7)
  7. Windows 7: UPS Paketankündigungsmail bekommen und (leider) Link angeklickt
    Log-Analyse und Auswertung - 09.03.2015 (12)
  8. DHL Fake Email - Phishing Link leider angeklickt
    Plagegeister aller Art und deren Bekämpfung - 28.02.2015 (8)
  9. Amazon Phishing Link angeklickt...
    Plagegeister aller Art und deren Bekämpfung - 08.02.2015 (6)
  10. Amazon Phishing Mail Link angeklickt
    Plagegeister aller Art und deren Bekämpfung - 24.06.2014 (11)
  11. Phishing Link angeklickt TNT Delivery (Logfile)
    Log-Analyse und Auswertung - 14.03.2014 (5)
  12. Phishing Link angeklickt TNT Delivery
    Smartphone, Tablet & Handy Security - 13.03.2014 (6)
  13. Phishing-Link von Paypal angeklickt
    Plagegeister aller Art und deren Bekämpfung - 07.10.2013 (11)
  14. Phishing Mail von WoW Link angeklickt!
    Plagegeister aller Art und deren Bekämpfung - 07.07.2013 (4)
  15. In Phishing-Mail den Link angeklickt :( Panik
    Plagegeister aller Art und deren Bekämpfung - 19.02.2013 (34)
  16. Phishing/Spam email geöffnet und angeklickt
    Überwachung, Datenschutz und Spam - 05.10.2010 (1)
  17. Per ICQ geschickter Link, leider angeklickt. Jetzt Viren.(?)
    Log-Analyse und Auswertung - 22.02.2007 (8)

Zum Thema DHL Fake Email - Phishing Link leider angeklickt - Hallo Leute, ich hab im halbschlaf und einer erwarteten Bestellung zufolge blöderweise den Fake DHL Link angeklickt. Ich hab dann auch Virusfehlermeldungen bekommen, die vom Avira Anti Vir entdeckt wurden. - DHL Fake Email - Phishing Link leider angeklickt...
Archiv
Du betrachtest: DHL Fake Email - Phishing Link leider angeklickt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.