| |
| |||||||
Log-Analyse und Auswertung: Windows 8.1 Pro N - DHL Spamm-Mail - ZIP DateiWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
19.03.2015, 11:38
| #1 |
| |  Windows 8.1 Pro N - DHL Spamm-Mail - ZIP Datei Guten Tag, ich erwarte zufällig seit 2 Tagen ein Paket von DHL und war heute 5 Minuten bevor diese Spammail bei mir eingegangen ist mit DHL in Kontakt  Irgendwie hat es da bei mir ausgesetzt und ich habe das erste Mal so eine blöde Mail angeklickt. Habe ausversehen auch die ZIP Datei runtergeladen und wollte diese öffnen. Windows 8.1 hatte mich jedoch davor gewarnt und ich glaube es ist auch nicht zum entpacken der ZIP gekommen. Trotzdem habe ich mir Malwarebytes Anti-Rootkit runtergeladen , habe es geupdated und mein System scannen lassen. Es hat nichts gefunden. Anschließend habe ich TDDSKiller runtergeladen und dieen auch einen SCAN durchführen lassen. Hat eine Bedrohung gefunden! Jetzt stellt sich mir die Frage, ob durch das runterladen der ZIP Datei auch schon mein System gefährtdet ist oder nur durch das Entpacken? PS. Sorry , abe ich kann die logfiles wegen der Größe nicht anhängen und wegen deren länge auch nicht ale CODE Text einfügen. Warte jetzt auf eine Antwort und füge Sie dann in einem seperaten Kommentar ein! Viele Grüße logicy |
|
19.03.2015, 11:44
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 8.1 Pro N - DHL Spamm-Mail - ZIP Datei Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
19.03.2015, 11:58
| #3 |
| | Windows 8.1 Pro N - DHL Spamm-Mail - ZIP Datei ---------------------------------------
__________________Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.3.9200 Windows 8.1 x64 Account is Administrative Internet Explorer version: 11.0.9600.17690 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 3.293000 GHz Memory total: 8526925824, free: 6337974272 Downloaded database version: v2015.03.19.03 Downloaded database version: v2015.02.25.01 Downloaded database version: v2015.03.09.01 ======================================= Initializing... ------------ Kernel report ------------ 03/19/2015 10:41:23 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\System32\drivers\werkernel.sys \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\storahci.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Wof.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\wfplwfs.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\intelpep.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\drivers\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\avkmgr.sys \SystemRoot\system32\DRIVERS\avipbb.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\csc.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\System32\Drivers\ElbyCDIO.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\ahcache.sys \SystemRoot\system32\DRIVERS\Neo_VPN.sys \SystemRoot\system32\DRIVERS\tap0901.sys \SystemRoot\System32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\kdnic.sys \SystemRoot\System32\drivers\avmaura.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\System32\drivers\USBXHCI.SYS \SystemRoot\System32\drivers\ucx01000.sys \SystemRoot\System32\drivers\HECIx64.sys \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\system32\DRIVERS\Rt630x64.sys \SystemRoot\System32\drivers\parport.sys \SystemRoot\System32\drivers\serial.sys \SystemRoot\System32\drivers\serenum.sys \SystemRoot\System32\drivers\intelppm.sys \SystemRoot\System32\drivers\NdisVirtualBus.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\ks.sys \SystemRoot\System32\drivers\VClone.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\System32\drivers\USBD.SYS \SystemRoot\System32\drivers\UsbHub3.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\AtihdWB6.sys \SystemRoot\system32\drivers\AMDACPKSL.SYS \SystemRoot\System32\drivers\xusb22.sys \SystemRoot\System32\drivers\USBSTOR.SYS \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\drivers\kbdhid.sys \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\system32\drivers\ZCinema_SRS_amd64.sys \SystemRoot\System32\drivers\mouhid.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_storahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\Windows\system32\drivers\amdacpksd.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\drivers\condrv.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \SystemRoot\System32\drivers\WpdUpFltr.sys \SystemRoot\System32\drivers\rdpvideominiport.sys \SystemRoot\system32\DRIVERS\rtwlanu.sys \SystemRoot\System32\drivers\vwifibus.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\System32\cdd.dll \SystemRoot\system32\DRIVERS\avgntflt.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys ----------- End ----------- Done! Scan started Database versions: main: v2015.03.19.03 rootkit: v2015.02.25.01 <<<2>>> Physical Sector Size: 512 Drive: 1, DevicePointer: 0xffffe000231c9060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe000231c9b20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe000231c9060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ DevicePointer: 0xffffe00021fe3d10, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xffffe00021fde060, DeviceName: \Device\0000002f\, DriverName: \Driver\storahci\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\HdAudio.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBAUDIO.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBAUDIO.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\WSDPrint.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\WSDPrint.sys" is compressed (flags = 1) Done! Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffe000231ca060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe000231cab20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe000231ca060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ DevicePointer: 0xffffe00021fe4060, DeviceName: \Device\0000002e\, DriverName: \Driver\storahci\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: B32DEE41 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 3907024896 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 2000398934016 bytes Sector size: 512 bytes Done! Drive 1 This is a System drive Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: C4B24272 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 716800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 718848 Numsec = 233719808 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 120034123776 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 2, DevicePointer: 0xffffe000243f0060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe000243f1770, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe000243f0060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\ DevicePointer: 0xffffe000243bdb10, DeviceName: \Device\0000003d\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 2 Scanning MBR on drive 2... Inspecting partition table: MBR Signature: 55AA Disk Signature: C3072E18 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 32 Numsec = 31506400 Partition file system is NTFS Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 16131293184 bytes Sector size: 512 bytes Done! Physical Sector Size: 0 Drive: 3, DevicePointer: 0xffffe000261e1770, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe00026264b20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe000261e1770, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\ DevicePointer: 0xffffe00026261180, DeviceName: \Device\0000004b\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-32-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam... Removal finished --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.3.9200 Windows 8.1 x64 Account is Administrative Internet Explorer version: 11.0.9600.17690 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 3.293000 GHz Memory total: 8526925824, free: 6407020544 --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.3.9200 Windows 8.1 x64 Account is Administrative Internet Explorer version: 11.0.9600.17690 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED CPU speed: 3.293000 GHz Memory total: 8526925824, free: 7182319616 ======================================= Initializing... ------------ Kernel report ------------ 03/19/2015 10:55:31 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\System32\drivers\werkernel.sys \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\storahci.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Wof.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\wfplwfs.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\intelpep.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\drivers\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\avkmgr.sys \SystemRoot\system32\DRIVERS\avipbb.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\csc.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\System32\Drivers\ElbyCDIO.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\ahcache.sys \SystemRoot\system32\DRIVERS\Neo_VPN.sys \SystemRoot\system32\DRIVERS\tap0901.sys \SystemRoot\System32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\kdnic.sys \SystemRoot\System32\drivers\avmaura.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\System32\drivers\USBXHCI.SYS \SystemRoot\System32\drivers\ucx01000.sys \SystemRoot\System32\drivers\HECIx64.sys \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\system32\DRIVERS\Rt630x64.sys \SystemRoot\System32\drivers\parport.sys \SystemRoot\System32\drivers\serial.sys \SystemRoot\System32\drivers\serenum.sys \SystemRoot\System32\drivers\intelppm.sys \SystemRoot\System32\drivers\NdisVirtualBus.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\ks.sys \SystemRoot\System32\drivers\VClone.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\System32\drivers\USBD.SYS \SystemRoot\System32\drivers\UsbHub3.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\AtihdWB6.sys \SystemRoot\system32\drivers\AMDACPKSL.SYS \SystemRoot\System32\drivers\xusb22.sys \SystemRoot\System32\drivers\USBSTOR.SYS \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\drivers\kbdhid.sys \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\system32\drivers\ZCinema_SRS_amd64.sys \SystemRoot\System32\drivers\mouhid.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\monitor.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_storahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\Windows\system32\drivers\amdacpksd.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\drivers\condrv.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \SystemRoot\System32\drivers\WpdUpFltr.sys \SystemRoot\System32\drivers\rdpvideominiport.sys \SystemRoot\system32\DRIVERS\rtwlanu.sys \SystemRoot\System32\drivers\vwifibus.sys \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\system32\DRIVERS\avgntflt.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \SystemRoot\System32\cdd.dll \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys ----------- End ----------- Done! Scan started Database versions: main: v2015.03.19.03 rootkit: v2015.02.25.01 <<<2>>> Physical Sector Size: 512 Drive: 1, DevicePointer: 0xffffe000231c9060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe000231c9b20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe000231c9060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ DevicePointer: 0xffffe00021fe3d10, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xffffe00021fde060, DeviceName: \Device\0000002f\, DriverName: \Driver\storahci\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\HdAudio.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBAUDIO.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBAUDIO.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\WSDPrint.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\WSDPrint.sys" is compressed (flags = 1) Done! Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffe000231ca060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe000231cab20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe000231ca060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ DevicePointer: 0xffffe00021fe4060, DeviceName: \Device\0000002e\, DriverName: \Driver\storahci\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 0 Scanning MBR on drive 0... Inspecting partition table: MBR Signature: 55AA Disk Signature: B32DEE41 Partition information: Partition 0 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 2048 Numsec = 3907024896 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 2000398934016 bytes Sector size: 512 bytes Done! Drive 1 This is a System drive Scanning MBR on drive 1... Inspecting partition table: MBR Signature: 55AA Disk Signature: C4B24272 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 2048 Numsec = 716800 Partition file system is NTFS Partition is bootable Partition 1 type is Primary (0x7) Partition is NOT ACTIVE. Partition starts at LBA: 718848 Numsec = 233719808 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 120034123776 bytes Sector size: 512 bytes Done! Physical Sector Size: 512 Drive: 2, DevicePointer: 0xffffe000243f0060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe000243f1770, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe000243f0060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\ DevicePointer: 0xffffe000243bdb10, DeviceName: \Device\0000003d\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 Drive 2 Scanning MBR on drive 2... Inspecting partition table: MBR Signature: 55AA Disk Signature: C3072E18 Partition information: Partition 0 type is Primary (0x7) Partition is ACTIVE. Partition starts at LBA: 32 Numsec = 31506400 Partition file system is NTFS Partition is not bootable Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Disk Size: 16131293184 bytes Sector size: 512 bytes Done! Physical Sector Size: 0 Drive: 3, DevicePointer: 0xffffe000261e1770, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe00026264b20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe000261e1770, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\disk\ DevicePointer: 0xffffe00026261180, DeviceName: \Device\0000004b\, DriverName: \Driver\USBSTOR\ ------------ End ---------- Scan finished ======================================= Removal queue found; removal started Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-32-i.mbam... Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam... Removal finished |
|
19.03.2015, 12:01
| #4 |
| | Windows 8.1 Pro N - DHL Spamm-Mail - ZIP Datei 11:05:42.0170 0x0f04 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 11:05:45.0092 0x0f04 ============================================================ 11:05:45.0092 0x0f04 Current date / time: 2015/03/19 11:05:45.0092 11:05:45.0092 0x0f04 SystemInfo: 11:05:45.0092 0x0f04 11:05:45.0092 0x0f04 OS Version: 6.3.9600 ServicePack: 0.0 11:05:45.0092 0x0f04 Product type: Workstation 11:05:45.0092 0x0f04 ComputerName: LOGICY 11:05:45.0092 0x0f04 UserName: Daniel 11:05:45.0092 0x0f04 Windows directory: C:\Windows 11:05:45.0092 0x0f04 System windows directory: C:\Windows 11:05:45.0092 0x0f04 Running under WOW64 11:05:45.0092 0x0f04 Processor architecture: Intel x64 11:05:45.0092 0x0f04 Number of processors: 8 11:05:45.0092 0x0f04 Page size: 0x1000 11:05:45.0092 0x0f04 Boot type: Normal boot 11:05:45.0092 0x0f04 ============================================================ 11:05:45.0217 0x0f04 KLMD registered as C:\Windows\system32\drivers\46656853.sys 11:05:45.0264 0x0f04 System UUID: {3AE514F4-D41F-31CA-0276-D054D7FDBEC9} 11:05:45.0436 0x0f04 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:05:45.0436 0x0f04 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:05:45.0452 0x0f04 Drive \Device\Harddisk2\DR2 - Size: 0x3C1800000 ( 15.02 Gb ), SectorSize: 0x200, Cylinders: 0x7A9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 11:05:45.0452 0x0f04 ============================================================ 11:05:45.0452 0x0f04 \Device\Harddisk0\DR0: 11:05:45.0452 0x0f04 MBR partitions: 11:05:45.0452 0x0f04 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800 11:05:45.0452 0x0f04 \Device\Harddisk1\DR1: 11:05:45.0452 0x0f04 MBR partitions: 11:05:45.0452 0x0f04 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000 11:05:45.0452 0x0f04 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0xDEE4800 11:05:45.0452 0x0f04 \Device\Harddisk2\DR2: 11:05:45.0452 0x0f04 MBR partitions: 11:05:45.0452 0x0f04 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0x1E0BFE0 11:05:45.0452 0x0f04 ============================================================ 11:05:45.0452 0x0f04 C: <-> \Device\Harddisk1\DR1\Partition2 11:05:45.0452 0x0f04 D: <-> \Device\Harddisk0\DR0\Partition1 11:05:45.0452 0x0f04 ============================================================ 11:05:45.0452 0x0f04 Initialize success 11:05:45.0452 0x0f04 ============================================================ 11:05:47.0358 0x12b4 ============================================================ 11:05:47.0358 0x12b4 Scan started 11:05:47.0358 0x12b4 Mode: Manual; 11:05:47.0358 0x12b4 ============================================================ 11:05:47.0358 0x12b4 KSN ping started 11:05:49.0686 0x12b4 KSN ping finished: true 11:05:49.0999 0x12b4 ================ Scan system memory ======================== 11:05:49.0999 0x12b4 System memory - ok 11:05:49.0999 0x12b4 ================ Scan services ============================= 11:05:50.0030 0x12b4 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys 11:05:50.0046 0x12b4 1394ohci - ok 11:05:50.0046 0x12b4 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys 11:05:50.0046 0x12b4 3ware - ok 11:05:50.0061 0x12b4 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\Windows\system32\drivers\ACPI.sys 11:05:50.0061 0x12b4 ACPI - ok 11:05:50.0077 0x12b4 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys 11:05:50.0077 0x12b4 acpiex - ok 11:05:50.0077 0x12b4 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys 11:05:50.0077 0x12b4 acpipagr - ok 11:05:50.0077 0x12b4 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys 11:05:50.0077 0x12b4 AcpiPmi - ok 11:05:50.0077 0x12b4 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys 11:05:50.0077 0x12b4 acpitime - ok 11:05:50.0093 0x12b4 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS 11:05:50.0108 0x12b4 ADP80XX - ok 11:05:50.0108 0x12b4 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 11:05:50.0108 0x12b4 AeLookupSvc - ok 11:05:50.0124 0x12b4 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys 11:05:50.0124 0x12b4 AFD - ok 11:05:50.0140 0x12b4 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys 11:05:50.0140 0x12b4 agp440 - ok 11:05:50.0140 0x12b4 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys 11:05:50.0140 0x12b4 ahcache - ok 11:05:50.0140 0x12b4 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe 11:05:50.0140 0x12b4 ALG - ok 11:05:50.0155 0x12b4 [ D018A3F6010E644595BE139FBB827D5E, D224D9B289C4E7BE733B86E6D7E2D1605207B14AC2DB1AE9394EF835C0D5B101 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 11:05:50.0155 0x12b4 AMD External Events Utility - ok 11:05:50.0155 0x12b4 [ 31424EA67E83EAAF76ED3473F2F8F758, CBB8B604A6A18239F079BC6AABC97ED0DC851B08C0659D24BA576F084770E7C4 ] amdacpksd C:\Windows\system32\drivers\amdacpksd.sys 11:05:50.0155 0x12b4 amdacpksd - ok 11:05:50.0171 0x12b4 [ E696F48E288CC3FFDB9AEBF6AFDB791C, 78532672634EA9AE1E6C823528136DF74407CCF5518B4919CC074498B1D321B6 ] amdacpusrsvc C:\AMD\amdacpusrsvc.exe 11:05:50.0171 0x12b4 amdacpusrsvc - ok 11:05:50.0171 0x12b4 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys 11:05:50.0171 0x12b4 AmdK8 - ok 11:05:50.0171 0x12b4 [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd C:\Windows\system32\drivers\amdkmafd.sys 11:05:50.0171 0x12b4 amdkmafd - ok 11:05:50.0358 0x12b4 [ 64F79795D91CCA5FFC2694975AAED35F, 5B6A0004EA051FB3195BE060697300540D03EF18041D369E78814E6E12BBF700 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 11:05:50.0499 0x12b4 amdkmdag - ok 11:05:50.0530 0x12b4 [ DDB6A787E34A158B684CE2389894EB96, 1610A9BB301889AA4DD7CE256EF710CDEB03F01B4DF23D01495515740CE44BC6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 11:05:50.0530 0x12b4 amdkmdap - ok 11:05:50.0530 0x12b4 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys 11:05:50.0530 0x12b4 AmdPPM - ok 11:05:50.0546 0x12b4 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys 11:05:50.0546 0x12b4 amdsata - ok 11:05:50.0546 0x12b4 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 11:05:50.0546 0x12b4 amdsbs - ok 11:05:50.0546 0x12b4 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys 11:05:50.0546 0x12b4 amdxata - ok 11:05:50.0561 0x12b4 [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 11:05:50.0577 0x12b4 AntiVirSchedulerService - ok 11:05:50.0577 0x12b4 [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 11:05:50.0593 0x12b4 AntiVirService - ok 11:05:50.0593 0x12b4 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys 11:05:50.0593 0x12b4 AppID - ok 11:05:50.0593 0x12b4 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll 11:05:50.0593 0x12b4 AppIDSvc - ok 11:05:50.0593 0x12b4 [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\Windows\System32\appinfo.dll 11:05:50.0593 0x12b4 Appinfo - ok 11:05:50.0608 0x12b4 [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt C:\Windows\System32\appmgmts.dll 11:05:50.0608 0x12b4 AppMgmt - ok 11:05:50.0624 0x12b4 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\Windows\system32\AppReadiness.dll 11:05:50.0624 0x12b4 AppReadiness - ok 11:05:50.0640 0x12b4 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll 11:05:50.0655 0x12b4 AppXSvc - ok 11:05:50.0671 0x12b4 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys 11:05:50.0671 0x12b4 arcsas - ok 11:05:50.0671 0x12b4 [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 11:05:50.0671 0x12b4 AsyncMac - ok 11:05:50.0671 0x12b4 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys 11:05:50.0671 0x12b4 atapi - ok 11:05:50.0687 0x12b4 [ 517334A411CD079EE9AEF4C2167875A5, 7C6A450BADCA211D553102ABDC06E1F367FBFC359711AF1DC88027B34502B484 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWB6.sys 11:05:50.0687 0x12b4 AtiHDAudioService - ok 11:05:50.0687 0x12b4 [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll 11:05:50.0687 0x12b4 AudioEndpointBuilder - ok 11:05:50.0702 0x12b4 [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\Windows\System32\Audiosrv.dll 11:05:50.0718 0x12b4 Audiosrv - ok 11:05:50.0718 0x12b4 [ DE3FF859EDF66F5E0106B23B3A4B09CE, 9F6D735E32F340547D5FDA595E2A461083AC581AC0719913D4841C0C5D7A2998 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe 11:05:50.0718 0x12b4 Autodesk Content Service - ok 11:05:50.0733 0x12b4 [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 11:05:50.0733 0x12b4 avgntflt - ok 11:05:50.0733 0x12b4 [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 11:05:50.0733 0x12b4 avipbb - ok 11:05:50.0733 0x12b4 [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe 11:05:50.0749 0x12b4 Avira.OE.ServiceHost - ok 11:05:50.0749 0x12b4 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 11:05:50.0749 0x12b4 avkmgr - ok 11:05:50.0749 0x12b4 [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura C:\Windows\System32\drivers\avmaura.sys 11:05:50.0749 0x12b4 avmaura - ok 11:05:50.0749 0x12b4 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll 11:05:50.0765 0x12b4 AxInstSV - ok 11:05:50.0765 0x12b4 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 11:05:50.0780 0x12b4 b06bdrv - ok 11:05:50.0780 0x12b4 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys 11:05:50.0780 0x12b4 BasicDisplay - ok 11:05:50.0780 0x12b4 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys 11:05:50.0780 0x12b4 BasicRender - ok 11:05:50.0780 0x12b4 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys 11:05:50.0780 0x12b4 bcmfn2 - ok 11:05:50.0796 0x12b4 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\Windows\System32\bdesvc.dll 11:05:50.0796 0x12b4 BDESVC - ok 11:05:50.0796 0x12b4 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys 11:05:50.0796 0x12b4 Beep - ok 11:05:50.0812 0x12b4 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\Windows\System32\bfe.dll 11:05:50.0827 0x12b4 BFE - ok 11:05:50.0843 0x12b4 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll 11:05:50.0858 0x12b4 BITS - ok 11:05:50.0858 0x12b4 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys 11:05:50.0858 0x12b4 bowser - ok 11:05:50.0874 0x12b4 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll 11:05:50.0874 0x12b4 BrokerInfrastructure - ok 11:05:50.0874 0x12b4 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\Windows\System32\browser.dll 11:05:50.0874 0x12b4 Browser - ok 11:05:50.0874 0x12b4 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys 11:05:50.0874 0x12b4 BthAvrcpTg - ok 11:05:50.0890 0x12b4 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys 11:05:50.0890 0x12b4 BthHFEnum - ok 11:05:50.0890 0x12b4 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys 11:05:50.0890 0x12b4 bthhfhid - ok 11:05:50.0890 0x12b4 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys 11:05:50.0890 0x12b4 BTHMODEM - ok 11:05:50.0905 0x12b4 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll 11:05:50.0905 0x12b4 bthserv - ok 11:05:50.0905 0x12b4 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 11:05:50.0905 0x12b4 cdfs - ok 11:05:50.0905 0x12b4 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys 11:05:50.0905 0x12b4 cdrom - ok 11:05:50.0921 0x12b4 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll 11:05:50.0921 0x12b4 CertPropSvc - ok 11:05:50.0921 0x12b4 [ 855EBDDCFC5DE12F730C6C1DC994410B, 5F6E1BF571146802075C2C790D65979157F83CF4F7FA5B30D4811E9BDE4134BD ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe 11:05:50.0921 0x12b4 CGVPNCliService - ok 11:05:50.0921 0x12b4 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys 11:05:50.0921 0x12b4 circlass - ok 11:05:50.0937 0x12b4 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\Windows\system32\drivers\CLFS.sys 11:05:50.0937 0x12b4 CLFS - ok 11:05:50.0983 0x12b4 [ 880A6DAC6E03871B37A782155D189A53, 93659BB67236F5EBC317FD73879EB79EFB195728A2C0BC997881D3622C6CF981 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 11:05:51.0015 0x12b4 ClickToRunSvc - ok 11:05:51.0030 0x12b4 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys 11:05:51.0030 0x12b4 CmBatt - ok 11:05:51.0030 0x12b4 [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG C:\Windows\system32\Drivers\cng.sys 11:05:51.0046 0x12b4 CNG - ok 11:05:51.0046 0x12b4 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys 11:05:51.0046 0x12b4 CompositeBus - ok 11:05:51.0046 0x12b4 COMSysApp - ok 11:05:51.0046 0x12b4 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys 11:05:51.0062 0x12b4 condrv - ok 11:05:51.0062 0x12b4 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll 11:05:51.0062 0x12b4 CryptSvc - ok 11:05:51.0077 0x12b4 [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC C:\Windows\system32\drivers\csc.sys 11:05:51.0077 0x12b4 CSC - ok 11:05:51.0093 0x12b4 [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService C:\Windows\System32\cscsvc.dll 11:05:51.0108 0x12b4 CscService - ok 11:05:51.0108 0x12b4 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys 11:05:51.0108 0x12b4 dam - ok 11:05:51.0124 0x12b4 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\Windows\system32\rpcss.dll 11:05:51.0124 0x12b4 DcomLaunch - ok 11:05:51.0140 0x12b4 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\Windows\System32\defragsvc.dll 11:05:51.0140 0x12b4 defragsvc - ok 11:05:51.0155 0x12b4 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll 11:05:51.0155 0x12b4 DeviceAssociationService - ok 11:05:51.0171 0x12b4 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll 11:05:51.0171 0x12b4 DeviceInstall - ok 11:05:51.0171 0x12b4 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys 11:05:51.0171 0x12b4 Dfsc - ok 11:05:51.0171 0x12b4 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 11:05:51.0171 0x12b4 dg_ssudbus - ok 11:05:51.0187 0x12b4 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\Windows\system32\dhcpcore.dll 11:05:51.0187 0x12b4 Dhcp - ok 11:05:51.0202 0x12b4 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys 11:05:51.0202 0x12b4 disk - ok 11:05:51.0202 0x12b4 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys 11:05:51.0202 0x12b4 dmvsc - ok 11:05:51.0202 0x12b4 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\Windows\System32\dnsrslvr.dll 11:05:51.0202 0x12b4 Dnscache - ok 11:05:51.0218 0x12b4 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll 11:05:51.0218 0x12b4 dot3svc - ok 11:05:51.0218 0x12b4 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll 11:05:51.0218 0x12b4 DPS - ok 11:05:51.0233 0x12b4 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 11:05:51.0233 0x12b4 drmkaud - ok 11:05:51.0233 0x12b4 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll 11:05:51.0233 0x12b4 DsmSvc - ok 11:05:51.0265 0x12b4 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 11:05:51.0280 0x12b4 DXGKrnl - ok 11:05:51.0280 0x12b4 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll 11:05:51.0280 0x12b4 Eaphost - ok 11:05:51.0343 0x12b4 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys 11:05:51.0374 0x12b4 ebdrv - ok 11:05:51.0374 0x12b4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe 11:05:51.0374 0x12b4 EFS - ok 11:05:51.0390 0x12b4 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys 11:05:51.0390 0x12b4 EhStorClass - ok 11:05:51.0390 0x12b4 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys 11:05:51.0390 0x12b4 EhStorTcgDrv - ok 11:05:51.0390 0x12b4 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 11:05:51.0390 0x12b4 ElbyCDIO - ok 11:05:51.0390 0x12b4 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys 11:05:51.0390 0x12b4 ErrDev - ok 11:05:51.0405 0x12b4 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll 11:05:51.0405 0x12b4 EventSystem - ok 11:05:51.0421 0x12b4 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys 11:05:51.0421 0x12b4 exfat - ok 11:05:51.0421 0x12b4 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys 11:05:51.0421 0x12b4 fastfat - ok 11:05:51.0437 0x12b4 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe 11:05:51.0452 0x12b4 Fax - ok 11:05:51.0452 0x12b4 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys 11:05:51.0452 0x12b4 fdc - ok 11:05:51.0452 0x12b4 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll 11:05:51.0452 0x12b4 fdPHost - ok 11:05:51.0452 0x12b4 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll 11:05:51.0452 0x12b4 FDResPub - ok 11:05:51.0468 0x12b4 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll 11:05:51.0468 0x12b4 fhsvc - ok 11:05:51.0468 0x12b4 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 11:05:51.0468 0x12b4 FileInfo - ok 11:05:51.0468 0x12b4 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys 11:05:51.0468 0x12b4 Filetrace - ok 11:05:51.0499 0x12b4 [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe 11:05:51.0515 0x12b4 FlexNet Licensing Service 64 - ok 11:05:51.0515 0x12b4 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 11:05:51.0515 0x12b4 flpydisk - ok 11:05:51.0515 0x12b4 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 11:05:51.0530 0x12b4 FltMgr - ok 11:05:51.0562 0x12b4 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\Windows\system32\FntCache.dll 11:05:51.0577 0x12b4 FontCache - ok 11:05:51.0593 0x12b4 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:05:51.0593 0x12b4 FontCache3.0.0.0 - ok 11:05:51.0593 0x12b4 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 11:05:51.0593 0x12b4 FsDepends - ok 11:05:51.0593 0x12b4 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 11:05:51.0593 0x12b4 Fs_Rec - ok 11:05:51.0608 0x12b4 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 11:05:51.0608 0x12b4 fvevol - ok 11:05:51.0608 0x12b4 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 11:05:51.0608 0x12b4 FxPPM - ok 11:05:51.0624 0x12b4 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 11:05:51.0624 0x12b4 gagp30kx - ok 11:05:51.0624 0x12b4 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 11:05:51.0624 0x12b4 gencounter - ok 11:05:51.0624 0x12b4 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 11:05:51.0624 0x12b4 GPIOClx0101 - ok 11:05:51.0655 0x12b4 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\Windows\System32\gpsvc.dll 11:05:51.0671 0x12b4 gpsvc - ok 11:05:51.0671 0x12b4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:05:51.0671 0x12b4 gupdate - ok 11:05:51.0671 0x12b4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:05:51.0671 0x12b4 gupdatem - ok 11:05:51.0687 0x12b4 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 11:05:51.0702 0x12b4 HdAudAddService - ok 11:05:51.0702 0x12b4 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 11:05:51.0718 0x12b4 HDAudBus - ok 11:05:51.0718 0x12b4 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 11:05:51.0718 0x12b4 HidBatt - ok 11:05:51.0718 0x12b4 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys 11:05:51.0718 0x12b4 HidBth - ok 11:05:51.0718 0x12b4 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 11:05:51.0718 0x12b4 hidi2c - ok 11:05:51.0733 0x12b4 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys 11:05:51.0733 0x12b4 HidIr - ok 11:05:51.0733 0x12b4 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll 11:05:51.0733 0x12b4 hidserv - ok 11:05:51.0733 0x12b4 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys 11:05:51.0733 0x12b4 HidUsb - ok 11:05:51.0733 0x12b4 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll 11:05:51.0733 0x12b4 hkmsvc - ok 11:05:51.0749 0x12b4 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 11:05:51.0749 0x12b4 HomeGroupListener - ok 11:05:51.0765 0x12b4 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 11:05:51.0765 0x12b4 HomeGroupProvider - ok 11:05:51.0780 0x12b4 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 11:05:51.0780 0x12b4 HpSAMD - ok 11:05:51.0874 0x12b4 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\Windows\system32\drivers\HTTP.sys 11:05:51.0874 0x12b4 HTTP - ok 11:05:51.0890 0x12b4 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 11:05:51.0890 0x12b4 hwpolicy - ok 11:05:51.0905 0x12b4 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 11:05:51.0905 0x12b4 hyperkbd - ok 11:05:51.0905 0x12b4 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 11:05:51.0905 0x12b4 HyperVideo - ok 11:05:51.0905 0x12b4 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 11:05:51.0905 0x12b4 i8042prt - ok 11:05:51.0921 0x12b4 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 11:05:51.0921 0x12b4 iaLPSSi_GPIO - ok 11:05:51.0921 0x12b4 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 11:05:51.0921 0x12b4 iaLPSSi_I2C - ok 11:05:51.0983 0x12b4 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 11:05:51.0999 0x12b4 iaStorAV - ok 11:05:52.0030 0x12b4 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 11:05:52.0030 0x12b4 iaStorV - ok 11:05:52.0030 0x12b4 IEEtwCollectorService - ok 11:05:52.0108 0x12b4 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\Windows\System32\ikeext.dll 11:05:52.0140 0x12b4 IKEEXT - ok 11:05:52.0140 0x12b4 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 11:05:52.0140 0x12b4 intelide - ok 11:05:52.0155 0x12b4 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 11:05:52.0155 0x12b4 intelpep - ok 11:05:52.0171 0x12b4 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 11:05:52.0171 0x12b4 intelppm - ok 11:05:52.0187 0x12b4 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:05:52.0187 0x12b4 IpFilterDriver - ok 11:05:52.0280 0x12b4 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 11:05:52.0296 0x12b4 iphlpsvc - ok 11:05:52.0296 0x12b4 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 11:05:52.0296 0x12b4 IPMIDRV - ok 11:05:52.0296 0x12b4 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 11:05:52.0296 0x12b4 IPNAT - ok 11:05:52.0312 0x12b4 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 11:05:52.0312 0x12b4 IRENUM - ok 11:05:52.0312 0x12b4 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 11:05:52.0312 0x12b4 isapnp - ok 11:05:52.0312 0x12b4 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 11:05:52.0327 0x12b4 iScsiPrt - ok 11:05:52.0327 0x12b4 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 11:05:52.0327 0x12b4 kbdclass - ok 11:05:52.0327 0x12b4 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 11:05:52.0327 0x12b4 kbdhid - ok 11:05:52.0327 0x12b4 [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\Windows\system32\drivers\kbldfltr.sys 11:05:52.0327 0x12b4 kbldfltr - ok 11:05:52.0327 0x12b4 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 11:05:52.0327 0x12b4 kdnic - ok 11:05:52.0343 0x12b4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe 11:05:52.0343 0x12b4 KeyIso - ok 11:05:52.0343 0x12b4 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 11:05:52.0343 0x12b4 KSecDD - ok 11:05:52.0343 0x12b4 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 11:05:52.0343 0x12b4 KSecPkg - ok 11:05:52.0358 0x12b4 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 11:05:52.0358 0x12b4 ksthunk - ok 11:05:52.0358 0x12b4 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll 11:05:52.0358 0x12b4 KtmRm - ok 11:05:52.0374 0x12b4 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\Windows\system32\srvsvc.dll 11:05:52.0374 0x12b4 LanmanServer - ok 11:05:52.0390 0x12b4 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 11:05:52.0390 0x12b4 LanmanWorkstation - ok 11:05:52.0405 0x12b4 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 11:05:52.0405 0x12b4 lfsvc - ok 11:05:52.0405 0x12b4 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 11:05:52.0405 0x12b4 lltdio - ok 11:05:52.0421 0x12b4 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll 11:05:52.0421 0x12b4 lltdsvc - ok 11:05:52.0421 0x12b4 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll 11:05:52.0421 0x12b4 lmhosts - ok 11:05:52.0421 0x12b4 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 11:05:52.0437 0x12b4 LSI_SAS - ok 11:05:52.0437 0x12b4 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 11:05:52.0437 0x12b4 LSI_SAS2 - ok 11:05:52.0437 0x12b4 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 11:05:52.0437 0x12b4 LSI_SAS3 - ok 11:05:52.0437 0x12b4 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 11:05:52.0437 0x12b4 LSI_SSS - ok 11:05:52.0452 0x12b4 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\Windows\System32\lsm.dll 11:05:52.0468 0x12b4 LSM - ok 11:05:52.0468 0x12b4 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 11:05:52.0468 0x12b4 luafv - ok 11:05:52.0468 0x12b4 [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys 11:05:52.0483 0x12b4 mbamchameleon - ok 11:05:52.0483 0x12b4 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 11:05:52.0483 0x12b4 megasas - ok 11:05:52.0483 0x12b4 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 11:05:52.0499 0x12b4 megasr - ok 11:05:52.0499 0x12b4 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys 11:05:52.0499 0x12b4 MEIx64 - ok 11:05:52.0499 0x12b4 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll 11:05:52.0515 0x12b4 MMCSS - ok 11:05:52.0515 0x12b4 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 11:05:52.0515 0x12b4 Modem - ok 11:05:52.0515 0x12b4 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 11:05:52.0515 0x12b4 monitor - ok 11:05:52.0515 0x12b4 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys 11:05:52.0515 0x12b4 mouclass - ok 11:05:52.0515 0x12b4 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys 11:05:52.0515 0x12b4 mouhid - ok 11:05:52.0530 0x12b4 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 11:05:52.0530 0x12b4 mountmgr - ok 11:05:52.0530 0x12b4 [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:05:52.0530 0x12b4 MozillaMaintenance - ok 11:05:52.0530 0x12b4 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 11:05:52.0530 0x12b4 mpsdrv - ok 11:05:52.0546 0x12b4 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll 11:05:52.0562 0x12b4 MpsSvc - ok 11:05:52.0562 0x12b4 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 11:05:52.0577 0x12b4 MRxDAV - ok 11:05:52.0577 0x12b4 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 11:05:52.0577 0x12b4 mrxsmb - ok 11:05:52.0593 0x12b4 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:05:52.0593 0x12b4 mrxsmb10 - ok 11:05:52.0593 0x12b4 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:05:52.0608 0x12b4 mrxsmb20 - ok 11:05:52.0608 0x12b4 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 11:05:52.0608 0x12b4 MsBridge - ok 11:05:52.0608 0x12b4 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe 11:05:52.0608 0x12b4 MSDTC - ok 11:05:52.0624 0x12b4 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys 11:05:52.0624 0x12b4 Msfs - ok 11:05:52.0624 0x12b4 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 11:05:52.0624 0x12b4 msgpiowin32 - ok 11:05:52.0624 0x12b4 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 11:05:52.0624 0x12b4 mshidkmdf - ok 11:05:52.0624 0x12b4 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 11:05:52.0624 0x12b4 mshidumdf - ok 11:05:52.0640 0x12b4 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 11:05:52.0640 0x12b4 msisadrv - ok 11:05:52.0640 0x12b4 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 11:05:52.0640 0x12b4 MSiSCSI - ok 11:05:52.0640 0x12b4 msiserver - ok 11:05:52.0640 0x12b4 [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll 11:05:52.0640 0x12b4 MsKeyboardFilter - ok 11:05:52.0655 0x12b4 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 11:05:52.0655 0x12b4 MSKSSRV - ok 11:05:52.0655 0x12b4 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 11:05:52.0655 0x12b4 MsLldp - ok 11:05:52.0655 0x12b4 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 11:05:52.0655 0x12b4 MSPCLOCK - ok 11:05:52.0655 0x12b4 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 11:05:52.0655 0x12b4 MSPQM - ok 11:05:52.0671 0x12b4 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 11:05:52.0671 0x12b4 MsRPC - ok 11:05:52.0671 0x12b4 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 11:05:52.0671 0x12b4 mssmbios - ok 11:05:52.0671 0x12b4 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 11:05:52.0671 0x12b4 MSTEE - ok 11:05:52.0687 0x12b4 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 11:05:52.0687 0x12b4 MTConfig - ok 11:05:52.0687 0x12b4 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys 11:05:52.0687 0x12b4 Mup - ok 11:05:52.0687 0x12b4 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys 11:05:52.0687 0x12b4 mvumis - ok 11:05:52.0702 0x12b4 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll 11:05:52.0702 0x12b4 napagent - ok 11:05:52.0718 0x12b4 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 11:05:52.0718 0x12b4 NativeWifiP - ok 11:05:52.0733 0x12b4 [ E59AFB64C2F6E0C99350E1C944C75088, 10A9044192D0A83857A57286EABB05037922860483DA2B05AFCC485A8311E4EF ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 11:05:52.0749 0x12b4 NAUpdate - ok 11:05:52.0749 0x12b4 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll 11:05:52.0749 0x12b4 NcaSvc - ok 11:05:52.0749 0x12b4 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll 11:05:52.0749 0x12b4 NcbService - ok 11:05:52.0765 0x12b4 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 11:05:52.0765 0x12b4 NcdAutoSetup - ok 11:05:52.0780 0x12b4 [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\Windows\system32\drivers\ndis.sys 11:05:52.0796 0x12b4 NDIS - ok 11:05:52.0796 0x12b4 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 11:05:52.0796 0x12b4 NdisCap - ok 11:05:52.0796 0x12b4 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys 11:05:52.0796 0x12b4 NdisImPlatform - ok 11:05:52.0812 0x12b4 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 11:05:52.0812 0x12b4 NdisTapi - ok 11:05:52.0812 0x12b4 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 11:05:52.0812 0x12b4 Ndisuio - ok 11:05:52.0812 0x12b4 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys 11:05:52.0812 0x12b4 NdisVirtualBus - ok 11:05:52.0812 0x12b4 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 11:05:52.0827 0x12b4 NdisWan - ok 11:05:52.0827 0x12b4 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys 11:05:52.0827 0x12b4 NdisWanLegacy - ok 11:05:52.0827 0x12b4 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 11:05:52.0827 0x12b4 NDProxy - ok 11:05:52.0843 0x12b4 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys 11:05:52.0843 0x12b4 Ndu - ok 11:05:52.0843 0x12b4 [ AFBF859B49F12B67630829DE7433D75F, 7680D2D5BA5519529F4C212F6B9498EA62874FB651811A3B8853691CDB0C42D4 ] Neo_VPN C:\Windows\system32\DRIVERS\Neo_VPN.sys 11:05:52.0843 0x12b4 Neo_VPN - ok 11:05:52.0843 0x12b4 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 11:05:52.0843 0x12b4 NetBIOS - ok 11:05:52.0858 0x12b4 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 11:05:52.0858 0x12b4 NetBT - ok 11:05:52.0858 0x12b4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe 11:05:52.0858 0x12b4 Netlogon - ok 11:05:52.0858 0x12b4 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll 11:05:52.0874 0x12b4 Netman - ok 11:05:52.0874 0x12b4 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll 11:05:52.0890 0x12b4 netprofm - ok 11:05:52.0890 0x12b4 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:05:52.0890 0x12b4 NetTcpPortSharing - ok 11:05:52.0905 0x12b4 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys 11:05:52.0905 0x12b4 netvsc - ok 11:05:52.0905 0x12b4 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll 11:05:52.0921 0x12b4 NlaSvc - ok 11:05:52.0921 0x12b4 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys 11:05:52.0921 0x12b4 Npfs - ok 11:05:52.0921 0x12b4 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 11:05:52.0921 0x12b4 npsvctrig - ok 11:05:52.0921 0x12b4 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll 11:05:52.0921 0x12b4 nsi - ok 11:05:52.0921 0x12b4 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 11:05:52.0937 0x12b4 nsiproxy - ok 11:05:52.0968 0x12b4 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 11:05:52.0983 0x12b4 Ntfs - ok 11:05:52.0983 0x12b4 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys 11:05:52.0983 0x12b4 Null - ok 11:05:52.0983 0x12b4 NVHDA - ok 11:05:52.0983 0x12b4 nvlddmkm - ok 11:05:52.0999 0x12b4 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:05:52.0999 0x12b4 nvraid - ok 11:05:52.0999 0x12b4 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 11:05:52.0999 0x12b4 nvstor - ok 11:05:53.0015 0x12b4 nvvad_WaveExtensible - ok 11:05:53.0015 0x12b4 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:05:53.0015 0x12b4 nv_agp - ok 11:05:53.0046 0x12b4 [ 4F2ED8FB21F127DC1FA98D4CA2279E75, 96DB5DF9C55757EB2F761309036F87D8C55BAB2851FBB716A02A9248712CB13A ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 11:05:53.0077 0x12b4 Origin Client Service - ok 11:05:53.0109 0x12b4 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:05:53.0109 0x12b4 ose - ok 11:05:53.0109 0x12b4 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 11:05:53.0124 0x12b4 p2pimsvc - ok 11:05:53.0124 0x12b4 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll 11:05:53.0140 0x12b4 p2psvc - ok 11:05:53.0140 0x12b4 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys 11:05:53.0140 0x12b4 Parport - ok 11:05:53.0155 0x12b4 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys 11:05:53.0155 0x12b4 partmgr - ok 11:05:53.0171 0x12b4 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll 11:05:53.0171 0x12b4 PcaSvc - ok 11:05:53.0187 0x12b4 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys 11:05:53.0187 0x12b4 pci - ok 11:05:53.0187 0x12b4 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys 11:05:53.0187 0x12b4 pciide - ok 11:05:53.0202 0x12b4 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 11:05:53.0202 0x12b4 pcmcia - ok 11:05:53.0202 0x12b4 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys 11:05:53.0202 0x12b4 pcw - ok 11:05:53.0202 0x12b4 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys 11:05:53.0202 0x12b4 pdc - ok 11:05:53.0234 0x12b4 [ 8F98C4BC605261B4B6E568FE791EB67A, 7B0D99D972A60423F7378BEE886061695FDA79B59AFF939744A130721E0174A1 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe 11:05:53.0249 0x12b4 PDF Architect 2 - ok 11:05:53.0265 0x12b4 [ B2309F132A31AF03C0A249AEDE8CF289, BBAE32AA55E495ACB9A8089C090ADD78BE1DC16233CAA61BBED1456CA718D430 ] PDF Architect 2 Creator C:\Program Files (x86)\PDF Architect 2\creator-ws.exe 11:05:53.0280 0x12b4 PDF Architect 2 Creator - ok 11:05:53.0296 0x12b4 [ 9077A3059AB47834633AEAAED465F3D9, 9CA662E9CBA30795E4E5DAB3E309D2062FFDC2053C261054E24EF7EE5300F69F ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe 11:05:53.0312 0x12b4 pdfforge CrashHandler - ok 11:05:53.0312 0x12b4 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 11:05:53.0327 0x12b4 PEAUTH - ok 11:05:53.0359 0x12b4 [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 11:05:53.0390 0x12b4 PeerDistSvc - ok 11:05:53.0405 0x12b4 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe 11:05:53.0405 0x12b4 PerfHost - ok 11:05:53.0452 0x12b4 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll 11:05:53.0468 0x12b4 pla - ok 11:05:53.0484 0x12b4 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 11:05:53.0484 0x12b4 PlugPlay - ok 11:05:53.0484 0x12b4 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 11:05:53.0484 0x12b4 PNRPAutoReg - ok 11:05:53.0484 0x12b4 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 11:05:53.0499 0x12b4 PNRPsvc - ok 11:05:53.0499 0x12b4 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 11:05:53.0515 0x12b4 PolicyAgent - ok 11:05:53.0515 0x12b4 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll 11:05:53.0515 0x12b4 Power - ok 11:05:53.0515 0x12b4 [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 11:05:53.0515 0x12b4 PptpMiniport - ok 11:05:53.0562 0x12b4 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 11:05:53.0609 0x12b4 PrintNotify - ok 11:05:53.0609 0x12b4 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys 11:05:53.0609 0x12b4 Processor - ok 11:05:53.0609 0x12b4 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\Windows\system32\profsvc.dll 11:05:53.0624 0x12b4 ProfSvc - ok 11:05:53.0624 0x12b4 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys 11:05:53.0624 0x12b4 Psched - ok 11:05:53.0640 0x12b4 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll 11:05:53.0640 0x12b4 QWAVE - ok 11:05:53.0640 0x12b4 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 11:05:53.0640 0x12b4 QWAVEdrv - ok 11:05:53.0640 0x12b4 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 11:05:53.0640 0x12b4 RasAcd - ok 11:05:53.0640 0x12b4 [ 674A4702E4E144E8710ED1A2EC6DD049, 613A921101A6815C9185D5EF3E251A592604E56FADE945BB7E256885CAD473BC ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 11:05:53.0655 0x12b4 RasAgileVpn - ok 11:05:53.0655 0x12b4 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll 11:05:53.0655 0x12b4 RasAuto - ok 11:05:53.0655 0x12b4 [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 11:05:53.0655 0x12b4 Rasl2tp - ok 11:05:53.0671 0x12b4 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\Windows\System32\rasmans.dll 11:05:53.0671 0x12b4 RasMan - ok 11:05:53.0687 0x12b4 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 11:05:53.0687 0x12b4 RasPppoe - ok 11:05:53.0687 0x12b4 [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:05:53.0687 0x12b4 RasSstp - ok 11:05:53.0702 0x12b4 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 11:05:53.0702 0x12b4 rdbss - ok 11:05:53.0702 0x12b4 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys 11:05:53.0702 0x12b4 rdpbus - ok 11:05:53.0702 0x12b4 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 11:05:53.0718 0x12b4 RDPDR - ok 11:05:53.0718 0x12b4 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 11:05:53.0718 0x12b4 RdpVideoMiniport - ok 11:05:53.0718 0x12b4 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:05:53.0718 0x12b4 rdyboost - ok 11:05:53.0734 0x12b4 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\Windows\system32\drivers\ReFS.sys 11:05:53.0749 0x12b4 ReFS - ok 11:05:53.0765 0x12b4 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:05:53.0765 0x12b4 RemoteAccess - ok 11:05:53.0765 0x12b4 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:05:53.0765 0x12b4 RemoteRegistry - ok 11:05:53.0780 0x12b4 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:05:53.0780 0x12b4 RpcEptMapper - ok 11:05:53.0780 0x12b4 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe 11:05:53.0780 0x12b4 RpcLocator - ok 11:05:53.0796 0x12b4 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\Windows\system32\rpcss.dll 11:05:53.0796 0x12b4 RpcSs - ok 11:05:53.0812 0x12b4 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:05:53.0812 0x12b4 rspndr - ok 11:05:53.0812 0x12b4 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys 11:05:53.0827 0x12b4 RTL8168 - ok 11:05:53.0859 0x12b4 [ B0A0260A3C03156937ECDB67CE5C6FE5, 88102D22976398599FA6165E9DBC1213EF2A001C99602E2195C9A7BAB0A127D7 ] RtlWlanu C:\Windows\system32\DRIVERS\rtwlanu.sys 11:05:53.0874 0x12b4 RtlWlanu - ok 11:05:53.0890 0x12b4 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys 11:05:53.0890 0x12b4 s3cap - ok 11:05:53.0890 0x12b4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe 11:05:53.0890 0x12b4 SamSs - ok 11:05:53.0890 0x12b4 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:05:53.0890 0x12b4 sbp2port - ok 11:05:53.0905 0x12b4 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:05:53.0905 0x12b4 SCardSvr - ok 11:05:53.0905 0x12b4 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll 11:05:53.0905 0x12b4 ScDeviceEnum - ok 11:05:53.0905 0x12b4 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:05:53.0905 0x12b4 scfilter - ok 11:05:53.0937 0x12b4 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\Windows\system32\schedsvc.dll 11:05:53.0952 0x12b4 Schedule - ok 11:05:53.0952 0x12b4 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll 11:05:53.0952 0x12b4 SCPolicySvc - ok 11:05:53.0968 0x12b4 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\Windows\System32\drivers\sdbus.sys 11:05:53.0968 0x12b4 sdbus - ok 11:05:53.0999 0x12b4 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 11:05:54.0015 0x12b4 SDScannerService - ok 11:05:54.0015 0x12b4 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys 11:05:54.0015 0x12b4 sdstor - ok 11:05:54.0062 0x12b4 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 11:05:54.0077 0x12b4 SDUpdateService - ok 11:05:54.0077 0x12b4 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 11:05:54.0093 0x12b4 SDWSCService - ok 11:05:54.0093 0x12b4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:05:54.0093 0x12b4 secdrv - ok 11:05:54.0093 0x12b4 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll 11:05:54.0093 0x12b4 seclogon - ok 11:05:54.0093 0x12b4 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll 11:05:54.0093 0x12b4 SENS - ok 11:05:54.0109 0x12b4 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:05:54.0109 0x12b4 SensrSvc - ok 11:05:54.0109 0x12b4 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys 11:05:54.0109 0x12b4 SerCx - ok 11:05:54.0109 0x12b4 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys 11:05:54.0124 0x12b4 SerCx2 - ok 11:05:54.0124 0x12b4 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys 11:05:54.0124 0x12b4 Serenum - ok 11:05:54.0124 0x12b4 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys 11:05:54.0124 0x12b4 Serial - ok 11:05:54.0124 0x12b4 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys 11:05:54.0124 0x12b4 sermouse - ok 11:05:54.0140 0x12b4 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\Windows\system32\sessenv.dll 11:05:54.0140 0x12b4 SessionEnv - ok 11:05:54.0140 0x12b4 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 11:05:54.0140 0x12b4 sfloppy - ok 11:05:54.0155 0x12b4 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll 11:05:54.0155 0x12b4 SharedAccess - ok 11:05:54.0171 0x12b4 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:05:54.0187 0x12b4 ShellHWDetection - ok 11:05:54.0187 0x12b4 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 11:05:54.0187 0x12b4 SiSRaid2 - ok 11:05:54.0187 0x12b4 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 11:05:54.0187 0x12b4 SiSRaid4 - ok 11:05:54.0187 0x12b4 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll 11:05:54.0187 0x12b4 smphost - ok 11:05:54.0202 0x12b4 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:05:54.0202 0x12b4 SNMPTRAP - ok 11:05:54.0202 0x12b4 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\Windows\system32\drivers\spaceport.sys 11:05:54.0218 0x12b4 spaceport - ok 11:05:54.0218 0x12b4 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 11:05:54.0218 0x12b4 SpbCx - ok 11:05:54.0234 0x12b4 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\Windows\System32\spoolsv.exe 11:05:54.0234 0x12b4 Spooler - ok 11:05:54.0327 0x12b4 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe 11:05:54.0405 0x12b4 sppsvc - ok 11:05:54.0421 0x12b4 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys 11:05:54.0421 0x12b4 srv - ok 11:05:54.0437 0x12b4 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:05:54.0437 0x12b4 srv2 - ok 11:05:54.0452 0x12b4 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:05:54.0452 0x12b4 srvnet - ok 11:05:54.0452 0x12b4 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:05:54.0468 0x12b4 SSDPSRV - ok 11:05:54.0468 0x12b4 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:05:54.0468 0x12b4 SstpSvc - ok 11:05:54.0468 0x12b4 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 11:05:54.0484 0x12b4 ssudmdm - ok 11:05:54.0484 0x12b4 [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 11:05:54.0499 0x12b4 Steam Client Service - ok 11:05:54.0499 0x12b4 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys 11:05:54.0499 0x12b4 stexstor - ok 11:05:54.0515 0x12b4 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll 11:05:54.0530 0x12b4 stisvc - ok 11:05:54.0530 0x12b4 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys 11:05:54.0530 0x12b4 storahci - ok 11:05:54.0530 0x12b4 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys 11:05:54.0530 0x12b4 storflt - ok 11:05:54.0530 0x12b4 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys 11:05:54.0546 0x12b4 stornvme - ok 11:05:54.0546 0x12b4 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll 11:05:54.0546 0x12b4 StorSvc - ok 11:05:54.0546 0x12b4 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys 11:05:54.0546 0x12b4 storvsc - ok 11:05:54.0546 0x12b4 [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp C:\Windows\System32\drivers\storvsp.sys 11:05:54.0546 0x12b4 storvsp - ok 11:05:54.0546 0x12b4 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll 11:05:54.0562 0x12b4 svsvc - ok 11:05:54.0562 0x12b4 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys 11:05:54.0562 0x12b4 swenum - ok 11:05:54.0577 0x12b4 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\Windows\System32\swprv.dll 11:05:54.0577 0x12b4 swprv - ok 11:05:54.0593 0x12b4 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\Windows\system32\sysmain.dll 11:05:54.0609 0x12b4 SysMain - ok 11:05:54.0624 0x12b4 [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll 11:05:54.0624 0x12b4 SystemEventsBroker - ok 11:05:54.0624 0x12b4 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll 11:05:54.0640 0x12b4 TabletInputService - ok 11:05:54.0640 0x12b4 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 11:05:54.0640 0x12b4 tap0901 - ok 11:05:54.0640 0x12b4 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll 11:05:54.0655 0x12b4 TapiSrv - ok 11:05:54.0655 0x12b4 [ 927D0CDB3F96EFC1E98FB1A2C9FB67AD, 58F14DAA0EA21EA2F2A1D3D62C88BD8E5A0E0EF498B7B8D367BEEADE6A46843C ] tapoas C:\Windows\system32\DRIVERS\tapoas.sys 11:05:54.0655 0x12b4 tapoas - ok 11:05:54.0687 0x12b4 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:05:54.0718 0x12b4 Tcpip - ok 11:05:54.0765 0x12b4 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:05:54.0796 0x12b4 TCPIP6 - ok 11:05:54.0796 0x12b4 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:05:54.0796 0x12b4 tcpipreg - ok 11:05:54.0796 0x12b4 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:05:54.0796 0x12b4 tdx - ok 11:05:54.0812 0x12b4 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys 11:05:54.0812 0x12b4 terminpt - ok 11:05:54.0827 0x12b4 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\Windows\System32\termsrv.dll 11:05:54.0843 0x12b4 TermService - ok 11:05:54.0843 0x12b4 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll 11:05:54.0843 0x12b4 Themes - ok 11:05:54.0843 0x12b4 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll 11:05:54.0843 0x12b4 THREADORDER - ok 11:05:54.0859 0x12b4 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 11:05:54.0859 0x12b4 TimeBroker - ok 11:05:54.0859 0x12b4 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys 11:05:54.0859 0x12b4 TPM - ok 11:05:54.0874 0x12b4 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll 11:05:54.0874 0x12b4 TrkWks - ok 11:05:54.0874 0x12b4 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:05:54.0874 0x12b4 TrustedInstaller - ok 11:05:54.0874 0x12b4 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:05:54.0874 0x12b4 TsUsbFlt - ok 11:05:54.0890 0x12b4 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 11:05:54.0890 0x12b4 TsUsbGD - ok 11:05:54.0890 0x12b4 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 11:05:54.0890 0x12b4 tunnel - ok 11:05:54.0890 0x12b4 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 11:05:54.0890 0x12b4 uagp35 - ok 11:05:54.0890 0x12b4 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys 11:05:54.0905 0x12b4 UASPStor - ok 11:05:54.0905 0x12b4 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys 11:05:54.0905 0x12b4 UCX01000 - ok 11:05:54.0921 0x12b4 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:05:54.0921 0x12b4 udfs - ok 11:05:54.0921 0x12b4 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys 11:05:54.0921 0x12b4 UEFI - ok 11:05:54.0921 0x12b4 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:05:54.0921 0x12b4 UI0Detect - ok 11:05:54.0937 0x12b4 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:05:54.0937 0x12b4 uliagpkx - ok 11:05:54.0937 0x12b4 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys 11:05:54.0937 0x12b4 umbus - ok 11:05:54.0937 0x12b4 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys 11:05:54.0937 0x12b4 UmPass - ok 11:05:54.0937 0x12b4 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll 11:05:54.0952 0x12b4 UmRdpService - ok 11:05:54.0952 0x12b4 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll 11:05:54.0968 0x12b4 upnphost - ok 11:05:54.0968 0x12b4 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 11:05:54.0968 0x12b4 usbaudio - ok 11:05:54.0968 0x12b4 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 11:05:54.0984 0x12b4 usbccgp - ok 11:05:54.0984 0x12b4 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys 11:05:54.0984 0x12b4 usbcir - ok 11:05:54.0984 0x12b4 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys 11:05:54.0984 0x12b4 usbehci - ok 11:05:54.0999 0x12b4 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys 11:05:54.0999 0x12b4 usbhub - ok 11:05:55.0015 0x12b4 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 11:05:55.0015 0x12b4 USBHUB3 - ok 11:05:55.0030 0x12b4 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys 11:05:55.0030 0x12b4 usbohci - ok 11:05:55.0030 0x12b4 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys 11:05:55.0030 0x12b4 usbprint - ok 11:05:55.0030 0x12b4 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 11:05:55.0030 0x12b4 USBSTOR - ok 11:05:55.0030 0x12b4 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 11:05:55.0046 0x12b4 usbuhci - ok 11:05:55.0046 0x12b4 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 11:05:55.0046 0x12b4 USBXHCI - ok 11:05:55.0062 0x12b4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe 11:05:55.0062 0x12b4 VaultSvc - ok 11:05:55.0062 0x12b4 [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\System32\drivers\VClone.sys 11:05:55.0062 0x12b4 VClone - ok 11:05:55.0062 0x12b4 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 11:05:55.0062 0x12b4 vdrvroot - ok 11:05:55.0077 0x12b4 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\Windows\System32\vds.exe 11:05:55.0093 0x12b4 vds - ok 11:05:55.0109 0x12b4 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 11:05:55.0109 0x12b4 VerifierExt - ok 11:05:55.0124 0x12b4 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 11:05:55.0124 0x12b4 vhdmp - ok 11:05:55.0124 0x12b4 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys 11:05:55.0124 0x12b4 viaide - ok 11:05:55.0140 0x12b4 [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\Windows\System32\drivers\Vid.sys 11:05:55.0140 0x12b4 Vid - ok 11:05:55.0140 0x12b4 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys 11:05:55.0140 0x12b4 vmbus - ok 11:05:55.0140 0x12b4 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 11:05:55.0140 0x12b4 VMBusHID - ok 11:05:55.0155 0x12b4 [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\Windows\System32\drivers\vmbusr.sys 11:05:55.0155 0x12b4 vmbusr - ok 11:05:55.0155 0x12b4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll 11:05:55.0171 0x12b4 vmicguestinterface - ok 11:05:55.0171 0x12b4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll 11:05:55.0187 0x12b4 vmicheartbeat - ok 11:05:55.0187 0x12b4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 11:05:55.0202 0x12b4 vmickvpexchange - ok 11:05:55.0202 0x12b4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll 11:05:55.0218 0x12b4 vmicrdv - ok 11:05:55.0218 0x12b4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll 11:05:55.0234 0x12b4 vmicshutdown - ok 11:05:55.0234 0x12b4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll 11:05:55.0249 0x12b4 vmictimesync - ok 11:05:55.0249 0x12b4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll 11:05:55.0265 0x12b4 vmicvss - ok 11:05:55.0265 0x12b4 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:05:55.0265 0x12b4 volmgr - ok 11:05:55.0280 0x12b4 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:05:55.0280 0x12b4 volmgrx - ok 11:05:55.0296 0x12b4 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:05:55.0296 0x12b4 volsnap - ok 11:05:55.0296 0x12b4 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys 11:05:55.0296 0x12b4 vpci - ok 11:05:55.0296 0x12b4 [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys 11:05:55.0296 0x12b4 vpcivsp - ok 11:05:55.0312 0x12b4 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 11:05:55.0312 0x12b4 vsmraid - ok 11:05:55.0327 0x12b4 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\Windows\system32\vssvc.exe 11:05:55.0343 0x12b4 VSS - ok 11:05:55.0359 0x12b4 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 11:05:55.0359 0x12b4 VSTXRAID - ok 11:05:55.0359 0x12b4 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 11:05:55.0359 0x12b4 vwifibus - ok 11:05:55.0359 0x12b4 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 11:05:55.0374 0x12b4 vwififlt - ok 11:05:55.0374 0x12b4 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 11:05:55.0374 0x12b4 vwifimp - ok 11:05:55.0374 0x12b4 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll 11:05:55.0390 0x12b4 W32Time - ok 11:05:55.0390 0x12b4 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 11:05:55.0390 0x12b4 WacomPen - ok 11:05:55.0390 0x12b4 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 11:05:55.0390 0x12b4 WANARP - ok 11:05:55.0390 0x12b4 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 11:05:55.0390 0x12b4 Wanarpv6 - ok 11:05:55.0421 0x12b4 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\Windows\system32\wbengine.exe 11:05:55.0437 0x12b4 wbengine - ok 11:05:55.0452 0x12b4 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 11:05:55.0452 0x12b4 WbioSrvc - ok 11:05:55.0468 0x12b4 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 11:05:55.0468 0x12b4 Wcmsvc - ok 11:05:55.0484 0x12b4 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll 11:05:55.0484 0x12b4 wcncsvc - ok 11:05:55.0484 0x12b4 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 11:05:55.0484 0x12b4 WcsPlugInService - ok 11:05:55.0499 0x12b4 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 11:05:55.0499 0x12b4 WdBoot - ok 11:05:55.0515 0x12b4 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 11:05:55.0515 0x12b4 Wdf01000 - ok 11:05:55.0531 0x12b4 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 11:05:55.0531 0x12b4 WdFilter - ok 11:05:55.0531 0x12b4 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll 11:05:55.0531 0x12b4 WdiServiceHost - ok 11:05:55.0531 0x12b4 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll 11:05:55.0531 0x12b4 WdiSystemHost - ok 11:05:55.0546 0x12b4 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 11:05:55.0546 0x12b4 WdNisDrv - ok 11:05:55.0546 0x12b4 WdNisSvc - ok 11:05:55.0546 0x12b4 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\Windows\System32\webclnt.dll 11:05:55.0562 0x12b4 WebClient - ok 11:05:55.0562 0x12b4 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll 11:05:55.0562 0x12b4 Wecsvc - ok 11:05:55.0562 0x12b4 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 11:05:55.0562 0x12b4 WEPHOSTSVC - ok 11:05:55.0577 0x12b4 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll 11:05:55.0577 0x12b4 wercplsupport - ok 11:05:55.0577 0x12b4 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\Windows\System32\WerSvc.dll 11:05:55.0577 0x12b4 WerSvc - ok 11:05:55.0593 0x12b4 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 11:05:55.0593 0x12b4 WFPLWFS - ok 11:05:55.0593 0x12b4 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll 11:05:55.0593 0x12b4 WiaRpc - ok 11:05:55.0593 0x12b4 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 11:05:55.0593 0x12b4 WIMMount - ok 11:05:55.0593 0x12b4 WinDefend - ok 11:05:55.0609 0x12b4 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 11:05:55.0624 0x12b4 WinHttpAutoProxySvc - ok 11:05:55.0640 0x12b4 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 11:05:55.0640 0x12b4 Winmgmt - ok 11:05:55.0671 0x12b4 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\Windows\system32\WsmSvc.dll 11:05:55.0702 0x12b4 WinRM - ok 11:05:55.0718 0x12b4 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 11:05:55.0718 0x12b4 WinUsb - ok 11:05:55.0749 0x12b4 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\Windows\System32\wlansvc.dll 11:05:55.0781 0x12b4 WlanSvc - ok 11:05:55.0812 0x12b4 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\Windows\system32\wlidsvc.dll 11:05:55.0827 0x12b4 wlidsvc - ok 11:05:55.0827 0x12b4 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 11:05:55.0827 0x12b4 WmiAcpi - ok 11:05:55.0843 0x12b4 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 11:05:55.0843 0x12b4 wmiApSrv - ok 11:05:55.0843 0x12b4 WMPNetworkSvc - ok 11:05:55.0843 0x12b4 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys 11:05:55.0843 0x12b4 Wof - ok 11:05:55.0874 0x12b4 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 11:05:55.0890 0x12b4 workfolderssvc - ok |
|
19.03.2015, 12:03
| #5 |
| | Windows 8.1 Pro N - DHL Spamm-Mail - ZIP Datei 11:05:55.0890 0x12b4 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 11:05:55.0906 0x12b4 wpcfltr - ok 11:05:55.0906 0x12b4 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 11:05:55.0906 0x12b4 WPCSvc - ok 11:05:55.0906 0x12b4 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 11:05:55.0906 0x12b4 WPDBusEnum - ok 11:05:55.0906 0x12b4 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 11:05:55.0906 0x12b4 WpdUpFltr - ok 11:05:55.0921 0x12b4 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 11:05:55.0921 0x12b4 ws2ifsl - ok 11:05:55.0921 0x12b4 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\Windows\System32\wscsvc.dll 11:05:55.0921 0x12b4 wscsvc - ok 11:05:55.0921 0x12b4 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 11:05:55.0921 0x12b4 WSDPrintDevice - ok 11:05:55.0921 0x12b4 [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan C:\Windows\System32\drivers\WSDScan.sys 11:05:55.0921 0x12b4 WSDScan - ok 11:05:55.0937 0x12b4 WSearch - ok 11:05:55.0984 0x12b4 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\Windows\System32\WSService.dll 11:05:56.0015 0x12b4 WSService - ok 11:05:56.0077 0x12b4 [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\Windows\system32\wuaueng.dll 11:05:56.0124 0x12b4 wuauserv - ok 11:05:56.0124 0x12b4 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 11:05:56.0124 0x12b4 WudfPf - ok 11:05:56.0124 0x12b4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 11:05:56.0140 0x12b4 WUDFRd - ok 11:05:56.0140 0x12b4 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 11:05:56.0140 0x12b4 wudfsvc - ok 11:05:56.0140 0x12b4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 11:05:56.0156 0x12b4 WUDFWpdFs - ok 11:05:56.0156 0x12b4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys 11:05:56.0156 0x12b4 WUDFWpdMtp - ok 11:05:56.0171 0x12b4 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll 11:05:56.0171 0x12b4 WwanSvc - ok 11:05:56.0171 0x12b4 [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22 C:\Windows\System32\drivers\xusb22.sys 11:05:56.0171 0x12b4 xusb22 - ok 11:05:56.0187 0x12b4 [ 7BB341F8B7CABBB37638E6D351B489C4, 567924DA9EDB271808556262DD885DA5156B4DA18ACDE6E08FB2C890588063F2 ] ZCinema_TSHD_x64 C:\Windows\system32\drivers\ZCinema_SRS_amd64.sys 11:05:56.0187 0x12b4 ZCinema_TSHD_x64 - ok 11:05:56.0187 0x12b4 ================ Scan global =============================== 11:05:56.0187 0x12b4 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll 11:05:56.0202 0x12b4 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll 11:05:56.0202 0x12b4 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll 11:05:56.0218 0x12b4 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe 11:05:56.0218 0x12b4 [ Global ] - ok 11:05:56.0218 0x12b4 ================ Scan MBR ================================== 11:05:56.0218 0x12b4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 11:05:56.0218 0x12b4 \Device\Harddisk0\DR0 - ok 11:05:56.0218 0x12b4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 11:05:56.0281 0x12b4 \Device\Harddisk1\DR1 - ok 11:05:56.0281 0x12b4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2 11:05:56.0281 0x12b4 \Device\Harddisk2\DR2 - ok 11:05:56.0281 0x12b4 ================ Scan VBR ================================== 11:05:56.0281 0x12b4 [ 75FAAA260A3B2933F4C1A1F64371C7D7 ] \Device\Harddisk0\DR0\Partition1 11:05:56.0281 0x12b4 \Device\Harddisk0\DR0\Partition1 - ok 11:05:56.0281 0x12b4 [ 513F844304C45C5F1104C3237ED2B5FD ] \Device\Harddisk1\DR1\Partition1 11:05:56.0281 0x12b4 \Device\Harddisk1\DR1\Partition1 - ok 11:05:56.0296 0x12b4 [ 3C73158410A6A851DBAAA48C821A6A35 ] \Device\Harddisk1\DR1\Partition2 11:05:56.0296 0x12b4 \Device\Harddisk1\DR1\Partition2 - ok 11:05:56.0296 0x12b4 [ 30D2405E1B4E8439EA1BD0D3D1FB90CD ] \Device\Harddisk2\DR2\Partition1 11:05:56.0296 0x12b4 \Device\Harddisk2\DR2\Partition1 - ok 11:05:56.0296 0x12b4 ================ Scan generic autorun ====================== 11:05:56.0296 0x12b4 [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 11:05:56.0296 0x12b4 VirtualCloneDrive - ok 11:05:56.0312 0x12b4 [ 07A3A88C8E8FD71EAA2B7F39134788DA, 0AAB731BF14B8A96FF6DB84CDD2579C1DFE5E56838EF3D92B03AE738E89A92D1 ] C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe 11:05:56.0327 0x12b4 ROCCAT Savu Gaming Mouse - ok 11:05:56.0390 0x12b4 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 11:05:56.0421 0x12b4 SDTray - ok 11:05:56.0452 0x12b4 [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 11:05:56.0452 0x12b4 avgnt - ok 11:05:56.0452 0x12b4 [ BB10E34B162FBEAE5636474A79026A0D, 700629C7497ED01E5B7DF99F0D8F56FF30BBA067ED65AC7A0D77B3765C596ECB ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 11:05:56.0468 0x12b4 Avira Systray - ok 11:05:56.0468 0x12b4 [ 40F7401928355A1515199676A5D00CDC, 4F16DE77F0BD7D1F9F61AE5712B3FD7BD53D19DCCEF88925E10180EF040A8E0B ] C:\Users\Daniel\AppData\Local\Apps\2.0\V4KPBQ96.3TK\M82CHZ5J.PAL\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe 11:05:56.0468 0x12b4 AVMUSBFernanschluss - ok 11:05:56.0468 0x12b4 [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe 11:05:56.0468 0x12b4 Google Update - ok 11:05:56.0546 0x12b4 [ CEF02D23595E5196E7CFE29E794CB814, D217EB20C280D3B4565471AD56DB33CE2FB25959DA26E6BF505352F2F1E60C58 ] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe 11:05:56.0609 0x12b4 Plex Media Server - ok 11:05:56.0609 0x12b4 Waiting for KSN requests completion. In queue: 255 11:05:57.0624 0x12b4 Waiting for KSN requests completion. In queue: 255 11:05:58.0640 0x12b4 Waiting for KSN requests completion. In queue: 255 11:05:59.0656 0x12b4 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x40000 ( disabled : updated ) 11:05:59.0671 0x12b4 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated ) 11:05:59.0671 0x12b4 Win FW state via NFP2: enabled 11:06:02.0046 0x12b4 ============================================================ 11:06:02.0046 0x12b4 Scan finished 11:06:02.0046 0x12b4 ============================================================ 11:06:02.0046 0x175c Detected object count: 0 11:06:02.0046 0x175c Actual detected object count: 0 11:06:27.0204 0x00cc ============================================================ 11:06:27.0204 0x00cc Scan started 11:06:27.0204 0x00cc Mode: Manual; SigCheck; TDLFS; 11:06:27.0204 0x00cc ============================================================ 11:06:27.0204 0x00cc KSN ping started 11:06:29.0517 0x00cc KSN ping finished: true 11:06:29.0845 0x00cc ================ Scan system memory ======================== 11:06:29.0845 0x00cc System memory - ok 11:06:29.0845 0x00cc ================ Scan services ============================= 11:06:29.0876 0x00cc [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys 11:06:29.0907 0x00cc 1394ohci - ok 11:06:29.0907 0x00cc [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys 11:06:29.0923 0x00cc 3ware - ok 11:06:29.0939 0x00cc [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\Windows\system32\drivers\ACPI.sys 11:06:29.0939 0x00cc ACPI - ok 11:06:29.0954 0x00cc [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys 11:06:29.0954 0x00cc acpiex - ok 11:06:29.0954 0x00cc [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys 11:06:29.0970 0x00cc acpipagr - ok 11:06:29.0970 0x00cc [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys 11:06:29.0985 0x00cc AcpiPmi - ok 11:06:29.0985 0x00cc [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys 11:06:29.0985 0x00cc acpitime - ok 11:06:30.0001 0x00cc [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS 11:06:30.0017 0x00cc ADP80XX - ok 11:06:30.0032 0x00cc [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 11:06:30.0048 0x00cc AeLookupSvc - ok 11:06:30.0048 0x00cc [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys 11:06:30.0079 0x00cc AFD - ok 11:06:30.0079 0x00cc [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys 11:06:30.0079 0x00cc agp440 - ok 11:06:30.0095 0x00cc [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys 11:06:30.0095 0x00cc ahcache - ok 11:06:30.0095 0x00cc [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe 11:06:30.0110 0x00cc ALG - ok 11:06:30.0126 0x00cc [ D018A3F6010E644595BE139FBB827D5E, D224D9B289C4E7BE733B86E6D7E2D1605207B14AC2DB1AE9394EF835C0D5B101 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 11:06:30.0142 0x00cc AMD External Events Utility - ok 11:06:30.0142 0x00cc [ 31424EA67E83EAAF76ED3473F2F8F758, CBB8B604A6A18239F079BC6AABC97ED0DC851B08C0659D24BA576F084770E7C4 ] amdacpksd C:\Windows\system32\drivers\amdacpksd.sys 11:06:30.0157 0x00cc amdacpksd - ok 11:06:30.0157 0x00cc [ E696F48E288CC3FFDB9AEBF6AFDB791C, 78532672634EA9AE1E6C823528136DF74407CCF5518B4919CC074498B1D321B6 ] amdacpusrsvc C:\AMD\amdacpusrsvc.exe 11:06:30.0173 0x00cc amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 ) 11:06:30.0173 0x00cc Detect skipped due to KSN trusted 11:06:30.0173 0x00cc amdacpusrsvc - ok 11:06:30.0173 0x00cc [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys 11:06:30.0189 0x00cc AmdK8 - ok 11:06:30.0189 0x00cc [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd C:\Windows\system32\drivers\amdkmafd.sys 11:06:30.0189 0x00cc amdkmafd - ok 11:06:30.0376 0x00cc [ 64F79795D91CCA5FFC2694975AAED35F, 5B6A0004EA051FB3195BE060697300540D03EF18041D369E78814E6E12BBF700 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 11:06:30.0595 0x00cc amdkmdag - ok 11:06:30.0610 0x00cc [ DDB6A787E34A158B684CE2389894EB96, 1610A9BB301889AA4DD7CE256EF710CDEB03F01B4DF23D01495515740CE44BC6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 11:06:30.0626 0x00cc amdkmdap - ok 11:06:30.0642 0x00cc [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys 11:06:30.0642 0x00cc AmdPPM - ok 11:06:30.0642 0x00cc [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys 11:06:30.0657 0x00cc amdsata - ok 11:06:30.0673 0x00cc [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 11:06:30.0689 0x00cc amdsbs - ok 11:06:30.0689 0x00cc [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys 11:06:30.0689 0x00cc amdxata - ok 11:06:30.0704 0x00cc [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 11:06:30.0720 0x00cc AntiVirSchedulerService - ok 11:06:30.0735 0x00cc [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 11:06:30.0735 0x00cc AntiVirService - ok 11:06:30.0751 0x00cc [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys 11:06:30.0751 0x00cc AppID - ok 11:06:30.0751 0x00cc [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll 11:06:30.0767 0x00cc AppIDSvc - ok 11:06:30.0767 0x00cc [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\Windows\System32\appinfo.dll 11:06:30.0782 0x00cc Appinfo - ok 11:06:30.0782 0x00cc [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt C:\Windows\System32\appmgmts.dll 11:06:30.0798 0x00cc AppMgmt - ok 11:06:30.0814 0x00cc [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\Windows\system32\AppReadiness.dll 11:06:30.0829 0x00cc AppReadiness - ok 11:06:30.0845 0x00cc [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll 11:06:30.0876 0x00cc AppXSvc - ok 11:06:30.0876 0x00cc [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys 11:06:30.0892 0x00cc arcsas - ok 11:06:30.0892 0x00cc [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 11:06:30.0907 0x00cc AsyncMac - ok 11:06:30.0907 0x00cc [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys 11:06:30.0907 0x00cc atapi - ok 11:06:30.0923 0x00cc [ 517334A411CD079EE9AEF4C2167875A5, 7C6A450BADCA211D553102ABDC06E1F367FBFC359711AF1DC88027B34502B484 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWB6.sys 11:06:30.0923 0x00cc AtiHDAudioService - ok 11:06:30.0939 0x00cc [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll 11:06:30.0939 0x00cc AudioEndpointBuilder - ok 11:06:30.0970 0x00cc [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\Windows\System32\Audiosrv.dll 11:06:30.0985 0x00cc Audiosrv - ok 11:06:30.0985 0x00cc [ DE3FF859EDF66F5E0106B23B3A4B09CE, 9F6D735E32F340547D5FDA595E2A461083AC581AC0719913D4841C0C5D7A2998 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe 11:06:31.0001 0x00cc Autodesk Content Service - ok 11:06:31.0001 0x00cc [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 11:06:31.0001 0x00cc avgntflt - ok 11:06:31.0017 0x00cc [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 11:06:31.0017 0x00cc avipbb - ok 11:06:31.0017 0x00cc [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe 11:06:31.0032 0x00cc Avira.OE.ServiceHost - ok 11:06:31.0032 0x00cc [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 11:06:31.0032 0x00cc avkmgr - ok 11:06:31.0048 0x00cc [ 6A300AD0E23A155B2C3A7FAB0D4AABD1, AD283CC530482C0C155727C3234BFA4773C8C80B4C9912448196F83407C3CFD4 ] avmaura C:\Windows\System32\drivers\avmaura.sys 11:06:31.0048 0x00cc avmaura - ok 11:06:31.0048 0x00cc [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll 11:06:31.0064 0x00cc AxInstSV - ok 11:06:31.0079 0x00cc [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 11:06:31.0095 0x00cc b06bdrv - ok 11:06:31.0095 0x00cc [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys 11:06:31.0111 0x00cc BasicDisplay - ok 11:06:31.0111 0x00cc [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys 11:06:31.0111 0x00cc BasicRender - ok 11:06:31.0126 0x00cc [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys 11:06:31.0126 0x00cc bcmfn2 - ok 11:06:31.0126 0x00cc [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\Windows\System32\bdesvc.dll 11:06:31.0142 0x00cc BDESVC - ok 11:06:31.0142 0x00cc [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys 11:06:31.0157 0x00cc Beep - ok 11:06:31.0173 0x00cc [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\Windows\System32\bfe.dll 11:06:31.0189 0x00cc BFE - ok 11:06:31.0204 0x00cc [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll 11:06:31.0236 0x00cc BITS - ok 11:06:31.0236 0x00cc [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys 11:06:31.0251 0x00cc bowser - ok 11:06:31.0251 0x00cc [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll 11:06:31.0267 0x00cc BrokerInfrastructure - ok 11:06:31.0267 0x00cc [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\Windows\System32\browser.dll 11:06:31.0282 0x00cc Browser - ok 11:06:31.0282 0x00cc [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys 11:06:31.0298 0x00cc BthAvrcpTg - ok 11:06:31.0298 0x00cc [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys 11:06:31.0314 0x00cc BthHFEnum - ok 11:06:31.0314 0x00cc [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys 11:06:31.0314 0x00cc bthhfhid - ok 11:06:31.0314 0x00cc [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys 11:06:31.0329 0x00cc BTHMODEM - ok 11:06:31.0329 0x00cc [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll 11:06:31.0345 0x00cc bthserv - ok 11:06:31.0345 0x00cc [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 11:06:31.0361 0x00cc cdfs - ok 11:06:31.0361 0x00cc [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys 11:06:31.0376 0x00cc cdrom - ok 11:06:31.0376 0x00cc [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll 11:06:31.0392 0x00cc CertPropSvc - ok 11:06:31.0392 0x00cc [ 855EBDDCFC5DE12F730C6C1DC994410B, 5F6E1BF571146802075C2C790D65979157F83CF4F7FA5B30D4811E9BDE4134BD ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe 11:06:31.0407 0x00cc CGVPNCliService - ok 11:06:31.0407 0x00cc [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys 11:06:31.0407 0x00cc circlass - ok 11:06:31.0423 0x00cc [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\Windows\system32\drivers\CLFS.sys 11:06:31.0439 0x00cc CLFS - ok 11:06:31.0486 0x00cc [ 880A6DAC6E03871B37A782155D189A53, 93659BB67236F5EBC317FD73879EB79EFB195728A2C0BC997881D3622C6CF981 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 11:06:31.0517 0x00cc ClickToRunSvc - ok 11:06:31.0532 0x00cc [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys 11:06:31.0532 0x00cc CmBatt - ok 11:06:31.0548 0x00cc [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG C:\Windows\system32\Drivers\cng.sys 11:06:31.0564 0x00cc CNG - ok 11:06:31.0564 0x00cc [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys 11:06:31.0579 0x00cc CompositeBus - ok 11:06:31.0579 0x00cc COMSysApp - ok 11:06:31.0579 0x00cc [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys 11:06:31.0595 0x00cc condrv - ok 11:06:31.0611 0x00cc [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll 11:06:31.0626 0x00cc CryptSvc - ok 11:06:31.0642 0x00cc [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC C:\Windows\system32\drivers\csc.sys 11:06:31.0657 0x00cc CSC - ok 11:06:31.0673 0x00cc [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService C:\Windows\System32\cscsvc.dll 11:06:31.0689 0x00cc CscService - ok 11:06:31.0689 0x00cc [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys 11:06:31.0689 0x00cc dam - ok 11:06:31.0704 0x00cc [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\Windows\system32\rpcss.dll 11:06:31.0736 0x00cc DcomLaunch - ok 11:06:31.0736 0x00cc [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\Windows\System32\defragsvc.dll 11:06:31.0751 0x00cc defragsvc - ok 11:06:31.0767 0x00cc [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll 11:06:31.0782 0x00cc DeviceAssociationService - ok 11:06:31.0782 0x00cc [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll 11:06:31.0798 0x00cc DeviceInstall - ok 11:06:31.0798 0x00cc [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys 11:06:31.0814 0x00cc Dfsc - ok 11:06:31.0814 0x00cc [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 11:06:31.0829 0x00cc dg_ssudbus - ok 11:06:31.0829 0x00cc [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\Windows\system32\dhcpcore.dll 11:06:31.0845 0x00cc Dhcp - ok 11:06:31.0845 0x00cc [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys 11:06:31.0861 0x00cc disk - ok 11:06:31.0861 0x00cc [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys 11:06:31.0861 0x00cc dmvsc - ok 11:06:31.0876 0x00cc [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\Windows\System32\dnsrslvr.dll 11:06:31.0892 0x00cc Dnscache - ok 11:06:31.0892 0x00cc [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll 11:06:31.0907 0x00cc dot3svc - ok 11:06:31.0907 0x00cc [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll 11:06:31.0923 0x00cc DPS - ok 11:06:31.0939 0x00cc [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 11:06:31.0939 0x00cc drmkaud - ok 11:06:31.0939 0x00cc [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll 11:06:31.0954 0x00cc DsmSvc - ok 11:06:31.0986 0x00cc [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 11:06:32.0017 0x00cc DXGKrnl - ok 11:06:32.0017 0x00cc [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll 11:06:32.0032 0x00cc Eaphost - ok 11:06:32.0079 0x00cc [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys 11:06:32.0142 0x00cc ebdrv - ok 11:06:32.0142 0x00cc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe 11:06:32.0157 0x00cc EFS - ok 11:06:32.0157 0x00cc [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys 11:06:32.0173 0x00cc EhStorClass - ok 11:06:32.0173 0x00cc [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys 11:06:32.0173 0x00cc EhStorTcgDrv - ok 11:06:32.0189 0x00cc [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 11:06:32.0189 0x00cc ElbyCDIO - ok 11:06:32.0189 0x00cc [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys 11:06:32.0204 0x00cc ErrDev - ok 11:06:32.0204 0x00cc [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll 11:06:32.0220 0x00cc EventSystem - ok 11:06:32.0236 0x00cc [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys 11:06:32.0236 0x00cc exfat - ok 11:06:32.0251 0x00cc [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys 11:06:32.0251 0x00cc fastfat - ok 11:06:32.0267 0x00cc [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe 11:06:32.0282 0x00cc Fax - ok 11:06:32.0298 0x00cc [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys 11:06:32.0298 0x00cc fdc - ok 11:06:32.0298 0x00cc [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll 11:06:32.0314 0x00cc fdPHost - ok 11:06:32.0314 0x00cc [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll 11:06:32.0329 0x00cc FDResPub - ok 11:06:32.0329 0x00cc [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll 11:06:32.0345 0x00cc fhsvc - ok 11:06:32.0345 0x00cc [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 11:06:32.0361 0x00cc FileInfo - ok 11:06:32.0361 0x00cc [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys 11:06:32.0376 0x00cc Filetrace - ok 11:06:32.0392 0x00cc [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe 11:06:32.0407 0x00cc FlexNet Licensing Service 64 - ok 11:06:32.0423 0x00cc [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 11:06:32.0423 0x00cc flpydisk - ok 11:06:32.0439 0x00cc [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 11:06:32.0439 0x00cc FltMgr - ok 11:06:32.0470 0x00cc [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\Windows\system32\FntCache.dll 11:06:32.0501 0x00cc FontCache - ok 11:06:32.0501 0x00cc [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:06:32.0501 0x00cc FontCache3.0.0.0 - ok 11:06:32.0517 0x00cc [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 11:06:32.0532 0x00cc FsDepends - ok 11:06:32.0532 0x00cc [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 11:06:32.0548 0x00cc Fs_Rec - ok 11:06:32.0548 0x00cc [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 11:06:32.0564 0x00cc fvevol - ok 11:06:32.0579 0x00cc [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 11:06:32.0579 0x00cc FxPPM - ok 11:06:32.0579 0x00cc [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 11:06:32.0595 0x00cc gagp30kx - ok 11:06:32.0595 0x00cc [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 11:06:32.0595 0x00cc gencounter - ok 11:06:32.0611 0x00cc [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 11:06:32.0611 0x00cc GPIOClx0101 - ok 11:06:32.0626 0x00cc [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\Windows\System32\gpsvc.dll 11:06:32.0657 0x00cc gpsvc - ok 11:06:32.0657 0x00cc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:06:32.0673 0x00cc gupdate - ok 11:06:32.0673 0x00cc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:06:32.0673 0x00cc gupdatem - ok 11:06:32.0689 0x00cc [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 11:06:32.0704 0x00cc HdAudAddService - ok 11:06:32.0704 0x00cc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 11:06:32.0720 0x00cc HDAudBus - ok 11:06:32.0720 0x00cc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 11:06:32.0720 0x00cc HidBatt - ok 11:06:32.0736 0x00cc [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys 11:06:32.0736 0x00cc HidBth - ok 11:06:32.0736 0x00cc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 11:06:32.0751 0x00cc hidi2c - ok 11:06:32.0751 0x00cc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys 11:06:32.0767 0x00cc HidIr - ok 11:06:32.0767 0x00cc [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll 11:06:32.0767 0x00cc hidserv - ok 11:06:32.0767 0x00cc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys 11:06:32.0782 0x00cc HidUsb - ok 11:06:32.0782 0x00cc [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll 11:06:32.0798 0x00cc hkmsvc - ok 11:06:32.0798 0x00cc [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 11:06:32.0814 0x00cc HomeGroupListener - ok 11:06:32.0829 0x00cc [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 11:06:32.0845 0x00cc HomeGroupProvider - ok 11:06:32.0845 0x00cc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 11:06:32.0845 0x00cc HpSAMD - ok 11:06:32.0861 0x00cc [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\Windows\system32\drivers\HTTP.sys 11:06:32.0892 0x00cc HTTP - ok 11:06:32.0892 0x00cc [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 11:06:32.0892 0x00cc hwpolicy - ok 11:06:32.0892 0x00cc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 11:06:32.0907 0x00cc hyperkbd - ok 11:06:32.0907 0x00cc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 11:06:32.0923 0x00cc HyperVideo - ok 11:06:32.0923 0x00cc [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 11:06:32.0923 0x00cc i8042prt - ok 11:06:32.0939 0x00cc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 11:06:32.0939 0x00cc iaLPSSi_GPIO - ok 11:06:32.0939 0x00cc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 11:06:32.0954 0x00cc iaLPSSi_I2C - ok 11:06:32.0954 0x00cc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 11:06:32.0970 0x00cc iaStorAV - ok 11:06:32.0986 0x00cc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 11:06:33.0001 0x00cc iaStorV - ok 11:06:33.0001 0x00cc IEEtwCollectorService - ok 11:06:33.0017 0x00cc [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\Windows\System32\ikeext.dll 11:06:33.0032 0x00cc IKEEXT - ok 11:06:33.0048 0x00cc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 11:06:33.0048 0x00cc intelide - ok 11:06:33.0048 0x00cc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 11:06:33.0064 0x00cc intelpep - ok 11:06:33.0064 0x00cc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 11:06:33.0064 0x00cc intelppm - ok 11:06:33.0079 0x00cc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:06:33.0079 0x00cc IpFilterDriver - ok 11:06:33.0095 0x00cc [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 11:06:33.0126 0x00cc iphlpsvc - ok 11:06:33.0126 0x00cc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 11:06:33.0142 0x00cc IPMIDRV - ok 11:06:33.0142 0x00cc [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 11:06:33.0157 0x00cc IPNAT - ok 11:06:33.0157 0x00cc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 11:06:33.0157 0x00cc IRENUM - ok 11:06:33.0157 0x00cc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 11:06:33.0173 0x00cc isapnp - ok 11:06:33.0173 0x00cc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 11:06:33.0189 0x00cc iScsiPrt - ok 11:06:33.0189 0x00cc [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 11:06:33.0204 0x00cc kbdclass - ok 11:06:33.0204 0x00cc [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 11:06:33.0204 0x00cc kbdhid - ok 11:06:33.0204 0x00cc [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\Windows\system32\drivers\kbldfltr.sys 11:06:33.0220 0x00cc kbldfltr - ok 11:06:33.0220 0x00cc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 11:06:33.0236 0x00cc kdnic - ok 11:06:33.0236 0x00cc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe 11:06:33.0236 0x00cc KeyIso - ok 11:06:33.0236 0x00cc [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 11:06:33.0251 0x00cc KSecDD - ok 11:06:33.0251 0x00cc [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 11:06:33.0267 0x00cc KSecPkg - ok 11:06:33.0267 0x00cc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 11:06:33.0267 0x00cc ksthunk - ok 11:06:33.0282 0x00cc [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll 11:06:33.0298 0x00cc KtmRm - ok 11:06:33.0298 0x00cc [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\Windows\system32\srvsvc.dll 11:06:33.0314 0x00cc LanmanServer - ok 11:06:33.0329 0x00cc [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 11:06:33.0329 0x00cc LanmanWorkstation - ok 11:06:33.0345 0x00cc [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 11:06:33.0361 0x00cc lfsvc - ok 11:06:33.0361 0x00cc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 11:06:33.0376 0x00cc lltdio - ok 11:06:33.0376 0x00cc [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll 11:06:33.0392 0x00cc lltdsvc - ok 11:06:33.0392 0x00cc [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll 11:06:33.0408 0x00cc lmhosts - ok 11:06:33.0408 0x00cc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 11:06:33.0423 0x00cc LSI_SAS - ok 11:06:33.0423 0x00cc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 11:06:33.0423 0x00cc LSI_SAS2 - ok 11:06:33.0423 0x00cc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 11:06:33.0439 0x00cc LSI_SAS3 - ok 11:06:33.0439 0x00cc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 11:06:33.0439 0x00cc LSI_SSS - ok 11:06:33.0454 0x00cc [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\Windows\System32\lsm.dll 11:06:33.0486 0x00cc LSM - ok 11:06:33.0486 0x00cc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 11:06:33.0486 0x00cc luafv - ok 11:06:33.0501 0x00cc [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys 11:06:33.0501 0x00cc mbamchameleon - ok 11:06:33.0501 0x00cc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 11:06:33.0517 0x00cc megasas - ok 11:06:33.0517 0x00cc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 11:06:33.0533 0x00cc megasr - ok 11:06:33.0548 0x00cc [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys 11:06:33.0548 0x00cc MEIx64 - ok 11:06:33.0548 0x00cc [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll 11:06:33.0564 0x00cc MMCSS - ok 11:06:33.0564 0x00cc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 11:06:33.0564 0x00cc Modem - ok 11:06:33.0579 0x00cc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 11:06:33.0579 0x00cc monitor - ok 11:06:33.0579 0x00cc [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys 11:06:33.0595 0x00cc mouclass - ok 11:06:33.0595 0x00cc [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys 11:06:33.0595 0x00cc mouhid - ok 11:06:33.0611 0x00cc [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 11:06:33.0611 0x00cc mountmgr - ok 11:06:33.0611 0x00cc [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:06:33.0626 0x00cc MozillaMaintenance - ok 11:06:33.0626 0x00cc [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 11:06:33.0642 0x00cc mpsdrv - ok 11:06:33.0658 0x00cc [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll 11:06:33.0673 0x00cc MpsSvc - ok 11:06:33.0673 0x00cc [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 11:06:33.0689 0x00cc MRxDAV - ok 11:06:33.0704 0x00cc [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 11:06:33.0704 0x00cc mrxsmb - ok 11:06:33.0720 0x00cc [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:06:33.0736 0x00cc mrxsmb10 - ok 11:06:33.0736 0x00cc [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:06:33.0751 0x00cc mrxsmb20 - ok 11:06:33.0751 0x00cc [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 11:06:33.0767 0x00cc MsBridge - ok 11:06:33.0767 0x00cc [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe 11:06:33.0783 0x00cc MSDTC - ok 11:06:33.0783 0x00cc [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys 11:06:33.0783 0x00cc Msfs - ok 11:06:33.0798 0x00cc [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 11:06:33.0798 0x00cc msgpiowin32 - ok 11:06:33.0798 0x00cc [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 11:06:33.0814 0x00cc mshidkmdf - ok 11:06:33.0814 0x00cc [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 11:06:33.0814 0x00cc mshidumdf - ok 11:06:33.0829 0x00cc [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 11:06:33.0829 0x00cc msisadrv - ok 11:06:33.0829 0x00cc [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 11:06:33.0845 0x00cc MSiSCSI - ok 11:06:33.0845 0x00cc msiserver - ok 11:06:33.0845 0x00cc [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll 11:06:33.0861 0x00cc MsKeyboardFilter - ok 11:06:33.0861 0x00cc [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 11:06:33.0861 0x00cc MSKSSRV - ok 11:06:33.0861 0x00cc [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 11:06:33.0876 0x00cc MsLldp - ok 11:06:33.0876 0x00cc [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 11:06:33.0892 0x00cc MSPCLOCK - ok 11:06:33.0892 0x00cc [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 11:06:33.0892 0x00cc MSPQM - ok 11:06:33.0908 0x00cc [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 11:06:33.0923 0x00cc MsRPC - ok 11:06:33.0923 0x00cc [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 11:06:33.0923 0x00cc mssmbios - ok 11:06:33.0923 0x00cc [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 11:06:33.0939 0x00cc MSTEE - ok 11:06:33.0939 0x00cc [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 11:06:33.0954 0x00cc MTConfig - ok 11:06:33.0954 0x00cc [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys 11:06:33.0954 0x00cc Mup - ok 11:06:33.0954 0x00cc [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys 11:06:33.0970 0x00cc mvumis - ok 11:06:33.0970 0x00cc [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll 11:06:34.0001 0x00cc napagent - ok 11:06:34.0001 0x00cc [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 11:06:34.0017 0x00cc NativeWifiP - ok 11:06:34.0033 0x00cc [ E59AFB64C2F6E0C99350E1C944C75088, 10A9044192D0A83857A57286EABB05037922860483DA2B05AFCC485A8311E4EF ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 11:06:34.0048 0x00cc NAUpdate - ok 11:06:34.0048 0x00cc [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll 11:06:34.0064 0x00cc NcaSvc - ok 11:06:34.0064 0x00cc [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll 11:06:34.0079 0x00cc NcbService - ok 11:06:34.0079 0x00cc [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 11:06:34.0111 0x00cc NcdAutoSetup - ok 11:06:34.0126 0x00cc [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\Windows\system32\drivers\ndis.sys 11:06:34.0142 0x00cc NDIS - ok 11:06:34.0158 0x00cc [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 11:06:34.0158 0x00cc NdisCap - ok 11:06:34.0173 0x00cc [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys 11:06:34.0173 0x00cc NdisImPlatform - ok 11:06:34.0173 0x00cc [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 11:06:34.0189 0x00cc NdisTapi - ok 11:06:34.0189 0x00cc [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 11:06:34.0204 0x00cc Ndisuio - ok 11:06:34.0204 0x00cc [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys 11:06:34.0204 0x00cc NdisVirtualBus - ok 11:06:34.0220 0x00cc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 11:06:34.0220 0x00cc NdisWan - ok 11:06:34.0236 0x00cc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys 11:06:34.0251 0x00cc NdisWanLegacy - ok 11:06:34.0251 0x00cc [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 11:06:34.0251 0x00cc NDProxy - ok 11:06:34.0267 0x00cc [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys 11:06:34.0267 0x00cc Ndu - ok 11:06:34.0267 0x00cc [ AFBF859B49F12B67630829DE7433D75F, 7680D2D5BA5519529F4C212F6B9498EA62874FB651811A3B8853691CDB0C42D4 ] Neo_VPN C:\Windows\system32\DRIVERS\Neo_VPN.sys 11:06:34.0283 0x00cc Neo_VPN - ok 11:06:34.0283 0x00cc [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 11:06:34.0298 0x00cc NetBIOS - ok 11:06:34.0298 0x00cc [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 11:06:34.0314 0x00cc NetBT - ok 11:06:34.0314 0x00cc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe 11:06:34.0314 0x00cc Netlogon - ok 11:06:34.0329 0x00cc [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll 11:06:34.0345 0x00cc Netman - ok 11:06:34.0345 0x00cc [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll 11:06:34.0361 0x00cc netprofm - ok 11:06:34.0376 0x00cc [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:06:34.0376 0x00cc NetTcpPortSharing - ok 11:06:34.0392 0x00cc [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys 11:06:34.0392 0x00cc netvsc - ok 11:06:34.0408 0x00cc [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll 11:06:34.0423 0x00cc NlaSvc - ok 11:06:34.0423 0x00cc [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys 11:06:34.0423 0x00cc Npfs - ok 11:06:34.0439 0x00cc [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 11:06:34.0439 0x00cc npsvctrig - ok 11:06:34.0439 0x00cc [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll 11:06:34.0454 0x00cc nsi - ok 11:06:34.0470 0x00cc [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 11:06:34.0486 0x00cc nsiproxy - ok 11:06:34.0517 0x00cc [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 11:06:34.0564 0x00cc Ntfs - ok 11:06:34.0564 0x00cc [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys 11:06:34.0564 0x00cc Null - ok 11:06:34.0564 0x00cc NVHDA - ok 11:06:34.0579 0x00cc nvlddmkm - ok 11:06:34.0579 0x00cc [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:06:34.0579 0x00cc nvraid - ok 11:06:34.0595 0x00cc [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 11:06:34.0595 0x00cc nvstor - ok 11:06:34.0595 0x00cc nvvad_WaveExtensible - ok 11:06:34.0611 0x00cc [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:06:34.0611 0x00cc nv_agp - ok 11:06:34.0642 0x00cc [ 4F2ED8FB21F127DC1FA98D4CA2279E75, 96DB5DF9C55757EB2F761309036F87D8C55BAB2851FBB716A02A9248712CB13A ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 11:06:34.0673 0x00cc Origin Client Service - ok 11:06:34.0689 0x00cc [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:06:34.0689 0x00cc ose - ok 11:06:34.0704 0x00cc [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 11:06:34.0720 0x00cc p2pimsvc - ok 11:06:34.0720 0x00cc [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll 11:06:34.0736 0x00cc p2psvc - ok 11:06:34.0751 0x00cc [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys 11:06:34.0751 0x00cc Parport - ok 11:06:34.0751 0x00cc [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys 11:06:34.0767 0x00cc partmgr - ok 11:06:34.0783 0x00cc [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll 11:06:34.0783 0x00cc PcaSvc - ok 11:06:34.0798 0x00cc [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys 11:06:34.0814 0x00cc pci - ok 11:06:34.0814 0x00cc [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys 11:06:34.0814 0x00cc pciide - ok 11:06:34.0829 0x00cc [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 11:06:34.0829 0x00cc pcmcia - ok 11:06:34.0829 0x00cc [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys 11:06:34.0845 0x00cc pcw - ok 11:06:34.0845 0x00cc [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys 11:06:34.0845 0x00cc pdc - ok 11:06:34.0876 0x00cc [ 8F98C4BC605261B4B6E568FE791EB67A, 7B0D99D972A60423F7378BEE886061695FDA79B59AFF939744A130721E0174A1 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe 11:06:34.0908 0x00cc PDF Architect 2 - ok 11:06:34.0923 0x00cc [ B2309F132A31AF03C0A249AEDE8CF289, BBAE32AA55E495ACB9A8089C090ADD78BE1DC16233CAA61BBED1456CA718D430 ] PDF Architect 2 Creator C:\Program Files (x86)\PDF Architect 2\creator-ws.exe 11:06:34.0939 0x00cc PDF Architect 2 Creator - ok 11:06:34.0954 0x00cc [ 9077A3059AB47834633AEAAED465F3D9, 9CA662E9CBA30795E4E5DAB3E309D2062FFDC2053C261054E24EF7EE5300F69F ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe 11:06:34.0970 0x00cc pdfforge CrashHandler - ok 11:06:34.0986 0x00cc [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 11:06:35.0001 0x00cc PEAUTH - ok 11:06:35.0033 0x00cc [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 11:06:35.0079 0x00cc PeerDistSvc - ok 11:06:35.0095 0x00cc [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe 11:06:35.0111 0x00cc PerfHost - ok 11:06:35.0158 0x00cc [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll 11:06:35.0189 0x00cc pla - ok 11:06:35.0189 0x00cc [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 11:06:35.0204 0x00cc PlugPlay - ok 11:06:35.0204 0x00cc [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 11:06:35.0220 0x00cc PNRPAutoReg - ok 11:06:35.0220 0x00cc [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 11:06:35.0236 0x00cc PNRPsvc - ok 11:06:35.0251 0x00cc [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 11:06:35.0267 0x00cc PolicyAgent - ok 11:06:35.0267 0x00cc [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll 11:06:35.0283 0x00cc Power - ok 11:06:35.0283 0x00cc [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 11:06:35.0298 0x00cc PptpMiniport - ok 11:06:35.0329 0x00cc [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 11:06:35.0392 0x00cc PrintNotify - ok 11:06:35.0392 0x00cc [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys 11:06:35.0408 0x00cc Processor - ok 11:06:35.0408 0x00cc [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\Windows\system32\profsvc.dll 11:06:35.0423 0x00cc ProfSvc - ok 11:06:35.0423 0x00cc [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys 11:06:35.0439 0x00cc Psched - ok 11:06:35.0439 0x00cc [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll 11:06:35.0454 0x00cc QWAVE - ok 11:06:35.0454 0x00cc [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 11:06:35.0470 0x00cc QWAVEdrv - ok 11:06:35.0470 0x00cc [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 11:06:35.0486 0x00cc RasAcd - ok 11:06:35.0486 0x00cc [ 674A4702E4E144E8710ED1A2EC6DD049, 613A921101A6815C9185D5EF3E251A592604E56FADE945BB7E256885CAD473BC ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 11:06:35.0486 0x00cc RasAgileVpn - ok 11:06:35.0501 0x00cc [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll 11:06:35.0501 0x00cc RasAuto - ok 11:06:35.0517 0x00cc [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 11:06:35.0517 0x00cc Rasl2tp - ok 11:06:35.0533 0x00cc [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\Windows\System32\rasmans.dll 11:06:35.0548 0x00cc RasMan - ok 11:06:35.0548 0x00cc [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 11:06:35.0564 0x00cc RasPppoe - ok 11:06:35.0564 0x00cc [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:06:35.0579 0x00cc RasSstp - ok 11:06:35.0579 0x00cc [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 11:06:35.0595 0x00cc rdbss - ok 11:06:35.0611 0x00cc [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys 11:06:35.0611 0x00cc rdpbus - ok 11:06:35.0611 0x00cc [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 11:06:35.0626 0x00cc RDPDR - ok 11:06:35.0626 0x00cc [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 11:06:35.0642 0x00cc RdpVideoMiniport - ok 11:06:35.0642 0x00cc [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 11:06:35.0658 0x00cc rdyboost - ok 11:06:35.0673 0x00cc [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\Windows\system32\drivers\ReFS.sys 11:06:35.0689 0x00cc ReFS - ok 11:06:35.0704 0x00cc [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:06:35.0704 0x00cc RemoteAccess - ok 11:06:35.0720 0x00cc [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:06:35.0736 0x00cc RemoteRegistry - ok 11:06:35.0736 0x00cc [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:06:35.0736 0x00cc RpcEptMapper - ok 11:06:35.0751 0x00cc [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe 11:06:35.0751 0x00cc RpcLocator - ok 11:06:35.0767 0x00cc [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\Windows\system32\rpcss.dll 11:06:35.0783 0x00cc RpcSs - ok 11:06:35.0783 0x00cc [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:06:35.0798 0x00cc rspndr - ok 11:06:35.0814 0x00cc [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys 11:06:35.0829 0x00cc RTL8168 - ok 11:06:35.0861 0x00cc [ B0A0260A3C03156937ECDB67CE5C6FE5, 88102D22976398599FA6165E9DBC1213EF2A001C99602E2195C9A7BAB0A127D7 ] RtlWlanu C:\Windows\system32\DRIVERS\rtwlanu.sys 11:06:35.0892 0x00cc RtlWlanu - ok 11:06:35.0892 0x00cc [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys 11:06:35.0892 0x00cc s3cap - ok 11:06:35.0908 0x00cc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe 11:06:35.0908 0x00cc SamSs - ok 11:06:35.0908 0x00cc [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:06:35.0923 0x00cc sbp2port - ok 11:06:35.0923 0x00cc [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:06:35.0939 0x00cc SCardSvr - ok 11:06:35.0939 0x00cc [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll 11:06:35.0955 0x00cc ScDeviceEnum - ok 11:06:35.0955 0x00cc [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 11:06:35.0970 0x00cc scfilter - ok 11:06:35.0986 0x00cc [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\Windows\system32\schedsvc.dll 11:06:36.0017 0x00cc Schedule - ok 11:06:36.0017 0x00cc [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll 11:06:36.0033 0x00cc SCPolicySvc - ok 11:06:36.0033 0x00cc [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\Windows\System32\drivers\sdbus.sys 11:06:36.0048 0x00cc sdbus - ok 11:06:36.0080 0x00cc [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 11:06:36.0111 0x00cc SDScannerService - ok 11:06:36.0111 0x00cc [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys 11:06:36.0111 0x00cc sdstor - ok 11:06:36.0158 0x00cc [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 11:06:36.0189 0x00cc SDUpdateService - ok 11:06:36.0189 0x00cc [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 11:06:36.0205 0x00cc SDWSCService - ok 11:06:36.0205 0x00cc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:06:36.0205 0x00cc secdrv - ok 11:06:36.0205 0x00cc [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll 11:06:36.0220 0x00cc seclogon - ok 11:06:36.0220 0x00cc [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll 11:06:36.0236 0x00cc SENS - ok 11:06:36.0236 0x00cc [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:06:36.0251 0x00cc SensrSvc - ok 11:06:36.0251 0x00cc [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys 11:06:36.0267 0x00cc SerCx - ok 11:06:36.0267 0x00cc [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys 11:06:36.0283 0x00cc SerCx2 - ok 11:06:36.0283 0x00cc [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys 11:06:36.0283 0x00cc Serenum - ok 11:06:36.0298 0x00cc [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys 11:06:36.0298 0x00cc Serial - ok 11:06:36.0298 0x00cc [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys 11:06:36.0314 0x00cc sermouse - ok 11:06:36.0330 0x00cc [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\Windows\system32\sessenv.dll 11:06:36.0330 0x00cc SessionEnv - ok 11:06:36.0345 0x00cc [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 11:06:36.0345 0x00cc sfloppy - ok 11:06:36.0361 0x00cc [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll 11:06:36.0376 0x00cc SharedAccess - ok 11:06:36.0376 0x00cc [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:06:36.0408 0x00cc ShellHWDetection - ok 11:06:36.0408 0x00cc [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 11:06:36.0408 0x00cc SiSRaid2 - ok 11:06:36.0423 0x00cc [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 11:06:36.0423 0x00cc SiSRaid4 - ok 11:06:36.0423 0x00cc [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll 11:06:36.0439 0x00cc smphost - ok 11:06:36.0439 0x00cc [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:06:36.0455 0x00cc SNMPTRAP - ok 11:06:36.0455 0x00cc [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\Windows\system32\drivers\spaceport.sys 11:06:36.0470 0x00cc spaceport - ok 11:06:36.0470 0x00cc [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 11:06:36.0486 0x00cc SpbCx - ok 11:06:36.0501 0x00cc [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\Windows\System32\spoolsv.exe 11:06:36.0517 0x00cc Spooler - ok 11:06:36.0611 0x00cc [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe 11:06:36.0720 0x00cc sppsvc - ok 11:06:36.0736 0x00cc [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys 11:06:36.0751 0x00cc srv - ok 11:06:36.0783 0x00cc [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:06:36.0814 0x00cc srv2 - ok 11:06:36.0814 0x00cc [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:06:36.0830 0x00cc srvnet - ok 11:06:36.0830 0x00cc [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:06:36.0845 0x00cc SSDPSRV - ok 11:06:36.0845 0x00cc [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:06:36.0861 0x00cc SstpSvc - ok 11:06:36.0876 0x00cc [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 11:06:36.0876 0x00cc ssudmdm - ok 11:06:36.0892 0x00cc [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 11:06:37.0158 0x00cc Steam Client Service - ok 11:06:37.0173 0x00cc [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys 11:06:37.0189 0x00cc stexstor - ok 11:06:37.0205 0x00cc [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll 11:06:37.0220 0x00cc stisvc - ok 11:06:37.0236 0x00cc [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys 11:06:37.0236 0x00cc storahci - ok 11:06:37.0236 0x00cc [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys 11:06:37.0251 0x00cc storflt - ok 11:06:37.0251 0x00cc [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys 11:06:37.0251 0x00cc stornvme - ok 11:06:37.0251 0x00cc [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll 11:06:37.0267 0x00cc StorSvc - ok 11:06:37.0267 0x00cc [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys 11:06:37.0283 0x00cc storvsc - ok 11:06:37.0283 0x00cc [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp C:\Windows\System32\drivers\storvsp.sys 11:06:37.0283 0x00cc storvsp - ok 11:06:37.0298 0x00cc [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll 11:06:37.0298 0x00cc svsvc - ok 11:06:37.0314 0x00cc [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys 11:06:37.0314 0x00cc swenum - ok 11:06:37.0330 0x00cc [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\Windows\System32\swprv.dll 11:06:37.0345 0x00cc swprv - ok 11:06:37.0361 0x00cc [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\Windows\system32\sysmain.dll 11:06:37.0392 0x00cc SysMain - ok 11:06:37.0392 0x00cc [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll 11:06:37.0423 0x00cc SystemEventsBroker - ok 11:06:37.0423 0x00cc [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll 11:06:37.0439 0x00cc TabletInputService - ok 11:06:37.0439 0x00cc [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys 11:06:37.0455 0x00cc tap0901 - ok 11:06:37.0455 0x00cc [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll 11:06:37.0470 0x00cc TapiSrv - ok 11:06:37.0470 0x00cc [ 927D0CDB3F96EFC1E98FB1A2C9FB67AD, 58F14DAA0EA21EA2F2A1D3D62C88BD8E5A0E0EF498B7B8D367BEEADE6A46843C ] tapoas C:\Windows\system32\DRIVERS\tapoas.sys 11:06:37.0486 0x00cc tapoas - ok 11:06:37.0517 0x00cc [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:06:37.0564 0x00cc Tcpip - ok 11:06:37.0626 0x00cc [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:06:37.0673 0x00cc TCPIP6 - ok 11:06:37.0673 0x00cc [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:06:37.0689 0x00cc tcpipreg - ok 11:06:37.0689 0x00cc [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:06:37.0689 0x00cc tdx - ok 11:06:37.0705 0x00cc [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys 11:06:37.0705 0x00cc terminpt - ok 11:06:37.0720 0x00cc [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\Windows\System32\termsrv.dll 11:06:37.0751 0x00cc TermService - ok 11:06:37.0751 0x00cc [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll 11:06:37.0767 0x00cc Themes - ok 11:06:37.0767 0x00cc [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll 11:06:37.0767 0x00cc THREADORDER - ok 11:06:37.0783 0x00cc [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 11:06:37.0798 0x00cc TimeBroker - ok 11:06:37.0798 0x00cc [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys 11:06:37.0814 0x00cc TPM - ok 11:06:37.0814 0x00cc [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll 11:06:37.0830 0x00cc TrkWks - ok 11:06:37.0830 0x00cc [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:06:37.0845 0x00cc TrustedInstaller - ok 11:06:37.0845 0x00cc [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:06:37.0845 0x00cc TsUsbFlt - ok 11:06:37.0861 0x00cc [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 11:06:37.0861 0x00cc TsUsbGD - ok 11:06:37.0861 0x00cc [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 11:06:37.0876 0x00cc tunnel - ok 11:06:37.0876 0x00cc [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 11:06:37.0892 0x00cc uagp35 - ok 11:06:37.0892 0x00cc [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys 11:06:37.0892 0x00cc UASPStor - ok 11:06:37.0908 0x00cc [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys 11:06:37.0908 0x00cc UCX01000 - ok 11:06:37.0923 0x00cc [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:06:37.0939 0x00cc udfs - ok 11:06:37.0939 0x00cc [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys 11:06:37.0939 0x00cc UEFI - ok 11:06:37.0955 0x00cc [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:06:37.0955 0x00cc UI0Detect - ok 11:06:37.0955 0x00cc [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:06:37.0970 0x00cc uliagpkx - ok 11:06:37.0970 0x00cc [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys 11:06:37.0986 0x00cc umbus - ok 11:06:37.0986 0x00cc [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys 11:06:37.0986 0x00cc UmPass - ok 11:06:38.0001 0x00cc [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll 11:06:38.0001 0x00cc UmRdpService - ok 11:06:38.0017 0x00cc [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll 11:06:38.0033 0x00cc upnphost - ok 11:06:38.0033 0x00cc [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 11:06:38.0048 0x00cc usbaudio - ok 11:06:38.0048 0x00cc [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 11:06:38.0064 0x00cc usbccgp - ok 11:06:38.0064 0x00cc [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys 11:06:38.0080 0x00cc usbcir - ok 11:06:38.0080 0x00cc [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys 11:06:38.0080 0x00cc usbehci - ok 11:06:38.0095 0x00cc [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys 11:06:38.0111 0x00cc usbhub - ok 11:06:38.0126 0x00cc [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 11:06:38.0142 0x00cc USBHUB3 - ok 11:06:38.0142 0x00cc [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys 11:06:38.0158 0x00cc usbohci - ok 11:06:38.0158 0x00cc [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys 11:06:38.0158 0x00cc usbprint - ok 11:06:38.0173 0x00cc [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 11:06:38.0173 0x00cc USBSTOR - ok 11:06:38.0173 0x00cc [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 11:06:38.0189 0x00cc usbuhci - ok 11:06:38.0189 0x00cc [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 11:06:38.0205 0x00cc USBXHCI - ok 11:06:38.0205 0x00cc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe 11:06:38.0220 0x00cc VaultSvc - ok 11:06:38.0220 0x00cc [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\System32\drivers\VClone.sys 11:06:38.0220 0x00cc VClone - ok 11:06:38.0236 0x00cc [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 11:06:38.0236 0x00cc vdrvroot - ok 11:06:38.0252 0x00cc [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\Windows\System32\vds.exe 11:06:38.0283 0x00cc vds - ok 11:06:38.0283 0x00cc [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 11:06:38.0298 0x00cc VerifierExt - ok 11:06:38.0314 0x00cc [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 11:06:38.0330 0x00cc vhdmp - ok 11:06:38.0330 0x00cc [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys 11:06:38.0330 0x00cc viaide - ok 11:06:38.0345 0x00cc [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\Windows\System32\drivers\Vid.sys 11:06:38.0345 0x00cc Vid - ok 11:06:38.0361 0x00cc [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys 11:06:38.0361 0x00cc vmbus - ok 11:06:38.0361 0x00cc [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 11:06:38.0377 0x00cc VMBusHID - ok 11:06:38.0377 0x00cc [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\Windows\System32\drivers\vmbusr.sys 11:06:38.0377 0x00cc vmbusr - ok 11:06:38.0392 0x00cc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll 11:06:38.0408 0x00cc vmicguestinterface - ok 11:06:38.0423 0x00cc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll 11:06:38.0439 0x00cc vmicheartbeat - ok 11:06:38.0439 0x00cc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 11:06:38.0455 0x00cc vmickvpexchange - ok 11:06:38.0470 0x00cc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll 11:06:38.0486 0x00cc vmicrdv - ok 11:06:38.0486 0x00cc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll 11:06:38.0502 0x00cc vmicshutdown - ok 11:06:38.0517 0x00cc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll 11:06:38.0533 0x00cc vmictimesync - ok 11:06:38.0548 0x00cc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll 11:06:38.0548 0x00cc vmicvss - ok 11:06:38.0564 0x00cc [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:06:38.0564 0x00cc volmgr - ok 11:06:38.0580 0x00cc [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:06:38.0595 0x00cc volmgrx - ok 11:06:38.0595 0x00cc [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:06:38.0611 0x00cc volsnap - ok 11:06:38.0611 0x00cc [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys 11:06:38.0627 0x00cc vpci - ok 11:06:38.0627 0x00cc [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys 11:06:38.0627 0x00cc vpcivsp - ok 11:06:38.0642 0x00cc [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 11:06:38.0642 0x00cc vsmraid - ok 11:06:38.0673 0x00cc [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\Windows\system32\vssvc.exe 11:06:38.0705 0x00cc VSS - ok 11:06:38.0705 0x00cc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 11:06:38.0720 0x00cc VSTXRAID - ok 11:06:38.0720 0x00cc [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 11:06:38.0736 0x00cc vwifibus - ok 11:06:38.0736 0x00cc [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 11:06:38.0736 0x00cc vwififlt - ok 11:06:38.0752 0x00cc [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 11:06:38.0752 0x00cc vwifimp - ok 11:06:38.0767 0x00cc [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll 11:06:38.0783 0x00cc W32Time - ok 11:06:38.0783 0x00cc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 11:06:38.0798 0x00cc WacomPen - ok 11:06:38.0798 0x00cc [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 11:06:38.0798 0x00cc WANARP - ok 11:06:38.0814 0x00cc [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 11:06:38.0814 0x00cc Wanarpv6 - ok 11:06:38.0845 0x00cc [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\Windows\system32\wbengine.exe 11:06:38.0877 0x00cc wbengine - ok 11:06:38.0877 0x00cc [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 11:06:38.0892 0x00cc WbioSrvc - ok 11:06:38.0908 0x00cc [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 11:06:38.0923 0x00cc Wcmsvc - ok 11:06:38.0923 0x00cc [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll 11:06:38.0955 0x00cc wcncsvc - ok 11:06:38.0955 0x00cc [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 11:06:38.0955 0x00cc WcsPlugInService - ok 11:06:38.0970 0x00cc [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 11:06:38.0970 0x00cc WdBoot - ok 11:06:38.0986 0x00cc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 11:06:39.0002 0x00cc Wdf01000 - ok 11:06:39.0017 0x00cc [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 11:06:39.0017 0x00cc WdFilter - ok 11:06:39.0017 0x00cc [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll 11:06:39.0033 0x00cc WdiServiceHost - ok 11:06:39.0033 0x00cc [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll 11:06:39.0048 0x00cc WdiSystemHost - ok 11:06:39.0064 0x00cc [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 11:06:39.0064 0x00cc WdNisDrv - ok 11:06:39.0064 0x00cc WdNisSvc - ok 11:06:39.0064 0x00cc [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\Windows\System32\webclnt.dll 11:06:39.0080 0x00cc WebClient - ok 11:06:39.0095 0x00cc [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll 11:06:39.0095 0x00cc Wecsvc - ok 11:06:39.0111 0x00cc [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 11:06:39.0111 0x00cc WEPHOSTSVC - ok 11:06:39.0111 0x00cc [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll 11:06:39.0127 0x00cc wercplsupport - ok 11:06:39.0127 0x00cc [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\Windows\System32\WerSvc.dll 11:06:39.0142 0x00cc WerSvc - ok 11:06:39.0142 0x00cc [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 11:06:39.0158 0x00cc WFPLWFS - ok 11:06:39.0158 0x00cc [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll 11:06:39.0173 0x00cc WiaRpc - ok 11:06:39.0173 0x00cc [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 11:06:39.0173 0x00cc WIMMount - ok 11:06:39.0173 0x00cc WinDefend - ok 11:06:39.0189 0x00cc [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 11:06:39.0220 0x00cc WinHttpAutoProxySvc - ok 11:06:39.0220 0x00cc [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 11:06:39.0236 0x00cc Winmgmt - ok 11:06:39.0267 0x00cc [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\Windows\system32\WsmSvc.dll 11:06:39.0314 0x00cc WinRM - ok 11:06:39.0330 0x00cc [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 11:06:39.0330 0x00cc WinUsb - ok 11:06:39.0361 0x00cc [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\Windows\System32\wlansvc.dll 11:06:39.0392 0x00cc WlanSvc - ok 11:06:39.0423 0x00cc [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\Windows\system32\wlidsvc.dll 11:06:39.0470 0x00cc wlidsvc - ok 11:06:39.0470 0x00cc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 11:06:39.0486 0x00cc WmiAcpi - ok 11:06:39.0486 0x00cc [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 11:06:39.0502 0x00cc wmiApSrv - ok 11:06:39.0502 0x00cc WMPNetworkSvc - ok 11:06:39.0502 0x00cc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys 11:06:39.0517 0x00cc Wof - ok 11:06:39.0533 0x00cc [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 11:06:39.0564 0x00cc workfolderssvc - ok 11:06:39.0580 0x00cc [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 11:06:39.0580 0x00cc wpcfltr - ok 11:06:39.0580 0x00cc [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 11:06:39.0595 0x00cc WPCSvc - ok 11:06:39.0595 0x00cc [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 11:06:39.0611 0x00cc WPDBusEnum - ok 11:06:39.0611 0x00cc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 11:06:39.0611 0x00cc WpdUpFltr - ok 11:06:39.0611 0x00cc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 11:06:39.0627 0x00cc ws2ifsl - ok 11:06:39.0627 0x00cc [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\Windows\System32\wscsvc.dll 11:06:39.0642 0x00cc wscsvc - ok 11:06:39.0642 0x00cc [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 11:06:39.0658 0x00cc WSDPrintDevice - ok 11:06:39.0658 0x00cc [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan C:\Windows\System32\drivers\WSDScan.sys 11:06:39.0673 0x00cc WSDScan - ok 11:06:39.0673 0x00cc WSearch - ok 11:06:39.0720 0x00cc [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\Windows\System32\WSService.dll 11:06:39.0783 0x00cc WSService - ok 11:06:39.0861 0x00cc [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\Windows\system32\wuaueng.dll 11:06:39.0923 0x00cc wuauserv - ok 11:06:39.0923 0x00cc [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 11:06:39.0939 0x00cc WudfPf - ok 11:06:39.0939 0x00cc [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 11:06:39.0955 0x00cc WUDFRd - ok 11:06:39.0955 0x00cc [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 11:06:39.0970 0x00cc wudfsvc - ok 11:06:39.0970 0x00cc [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 11:06:39.0986 0x00cc WUDFWpdFs - ok 11:06:39.0986 0x00cc [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys 11:06:40.0002 0x00cc WUDFWpdMtp - ok 11:06:40.0002 0x00cc [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll 11:06:40.0017 0x00cc WwanSvc - ok 11:06:40.0033 0x00cc [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22 C:\Windows\System32\drivers\xusb22.sys 11:06:40.0033 0x00cc xusb22 - ok 11:06:40.0048 0x00cc [ 7BB341F8B7CABBB37638E6D351B489C4, 567924DA9EDB271808556262DD885DA5156B4DA18ACDE6E08FB2C890588063F2 ] ZCinema_TSHD_x64 C:\Windows\system32\drivers\ZCinema_SRS_amd64.sys 11:06:40.0048 0x00cc ZCinema_TSHD_x64 - ok 11:06:40.0064 0x00cc ================ Scan global =============================== 11:06:40.0095 0x00cc [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll 11:06:40.0158 0x00cc [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll 11:06:40.0158 0x00cc [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll 11:06:40.0173 0x00cc [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe 11:06:40.0189 0x00cc [ Global ] - ok 11:06:40.0189 0x00cc ================ Scan MBR ================================== 11:06:40.0189 0x00cc [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 11:06:40.0252 0x00cc \Device\Harddisk0\DR0 - ok 11:06:40.0252 0x00cc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 11:06:40.0314 0x00cc \Device\Harddisk1\DR1 - ok 11:06:40.0314 0x00cc [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2 11:06:40.0392 0x00cc \Device\Harddisk2\DR2 - ok 11:06:40.0392 0x00cc ================ Scan VBR ================================== 11:06:40.0392 0x00cc [ 75FAAA260A3B2933F4C1A1F64371C7D7 ] \Device\Harddisk0\DR0\Partition1 11:06:40.0392 0x00cc \Device\Harddisk0\DR0\Partition1 - ok 11:06:40.0408 0x00cc [ 513F844304C45C5F1104C3237ED2B5FD ] \Device\Harddisk1\DR1\Partition1 11:06:40.0408 0x00cc \Device\Harddisk1\DR1\Partition1 - ok 11:06:40.0408 0x00cc [ 3C73158410A6A851DBAAA48C821A6A35 ] \Device\Harddisk1\DR1\Partition2 11:06:40.0408 0x00cc \Device\Harddisk1\DR1\Partition2 - ok 11:06:40.0408 0x00cc [ 30D2405E1B4E8439EA1BD0D3D1FB90CD ] \Device\Harddisk2\DR2\Partition1 11:06:40.0408 0x00cc \Device\Harddisk2\DR2\Partition1 - ok 11:06:40.0408 0x00cc ================ Scan generic autorun ====================== 11:06:40.0423 0x00cc [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe 11:06:40.0423 0x00cc VirtualCloneDrive - ok 11:06:40.0455 0x00cc [ 07A3A88C8E8FD71EAA2B7F39134788DA, 0AAB731BF14B8A96FF6DB84CDD2579C1DFE5E56838EF3D92B03AE738E89A92D1 ] C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe 11:06:40.0470 0x00cc ROCCAT Savu Gaming Mouse - detected UnsignedFile.Multi.Generic ( 1 ) 11:06:40.0470 0x00cc Detect skipped due to KSN trusted 11:06:40.0470 0x00cc ROCCAT Savu Gaming Mouse - ok 11:06:40.0533 0x00cc [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 11:06:40.0595 0x00cc SDTray - ok 11:06:40.0611 0x00cc [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 11:06:40.0627 0x00cc avgnt - ok 11:06:40.0627 0x00cc [ BB10E34B162FBEAE5636474A79026A0D, 700629C7497ED01E5B7DF99F0D8F56FF30BBA067ED65AC7A0D77B3765C596ECB ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 11:06:40.0627 0x00cc Avira Systray - ok 11:06:40.0642 0x00cc [ 40F7401928355A1515199676A5D00CDC, 4F16DE77F0BD7D1F9F61AE5712B3FD7BD53D19DCCEF88925E10180EF040A8E0B ] C:\Users\Daniel\AppData\Local\Apps\2.0\V4KPBQ96.3TK\M82CHZ5J.PAL\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe 11:06:40.0642 0x00cc AVMUSBFernanschluss - detected UnsignedFile.Multi.Generic ( 1 ) 11:06:40.0689 0x00cc AVMUSBFernanschluss ( UnsignedFile.Multi.Generic ) - warning 11:06:43.0049 0x00cc [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe 11:06:43.0064 0x00cc Google Update - ok 11:06:43.0158 0x00cc [ CEF02D23595E5196E7CFE29E794CB814, D217EB20C280D3B4565471AD56DB33CE2FB25959DA26E6BF505352F2F1E60C58 ] C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe 11:06:43.0221 0x00cc Plex Media Server - ok 11:06:43.0236 0x00cc AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x40000 ( disabled : updated ) 11:06:43.0236 0x00cc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated ) 11:06:43.0236 0x00cc Win FW state via NFP2: enabled 11:06:45.0596 0x00cc ============================================================ 11:06:45.0596 0x00cc Scan finished 11:06:45.0596 0x00cc ============================================================ 11:06:45.0596 0x16d4 Detected object count: 1 11:06:45.0596 0x16d4 Actual detected object count: 1 11:24:57.0020 0x16d4 AVMUSBFernanschluss ( UnsignedFile.Multi.Generic ) - skipped by user 11:24:57.0020 0x16d4 AVMUSBFernanschluss ( UnsignedFile.Multi.Generic ) - User select action: Skip |
|
19.03.2015, 21:11
| #6 |
| /// the machine /// TB-Ausbilder | Windows 8.1 Pro N - DHL Spamm-Mail - ZIP DateiSo funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> Windows 8.1 Pro N - DHL Spamm-Mail - ZIP Datei |
|
20.03.2015, 12:36
| #7 |
| | FRST Logfile FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Daniel (administrator) on LOGICY on 20-03-2015 12:31:31
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel & (Available profiles: Daniel)
Platform: Windows 8.1 Pro N (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
() C:\AMD\amdacpusrsvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVM Berlin) C:\Users\Daniel\AppData\Local\Apps\2.0\V4KPBQ96.3TK\M82CHZ5J.PAL\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Logitech(c)) C:\Program Files\Logitech\Z Cinema\Z Cinema.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\ws.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Daniel\AppData\Local\Apps\2.0\V4KPBQ96.3TK\M82CHZ5J.PAL\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-06-22] (AVM Berlin)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\Run: [Google Update] => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-07] (Google Inc.)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5142664 2014-12-21] (Plex, Inc.)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\MountPoints2: {4a964a30-8dda-11e3-9bf7-bc5ff47bc837} - "G:\start.exe"
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\MountPoints2: {54d2564b-9a00-11e3-9c0c-bc5ff47bc837} - "I:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\MountPoints2: {84846703-03bb-11e4-9c21-bc5ff47bc837} - "I:\AutoRun.exe"
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\MountPoints2: {fe510e42-f79a-11e3-9c1d-bc5ff47bc837} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVMUSBFernanschluss] => C:\Users\Daniel\AppData\Local\Apps\2.0\V4KPBQ96.3TK\M82CHZ5J.PAL\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-06-22] (AVM Berlin)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-07] (Google Inc.)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5142664 2014-12-21] (Plex, Inc.)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: []
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4a964a30-8dda-11e3-9bf7-bc5ff47bc837} - "G:\start.exe"
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {54d2564b-9a00-11e3-9c0c-bc5ff47bc837} - "I:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {84846703-03bb-11e4-9c21-bc5ff47bc837} - "I:\AutoRun.exe"
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {fe510e42-f79a-11e3-9c1d-bc5ff47bc837} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [AVMUSBFernanschluss] => C:\Users\Daniel\AppData\Local\Apps\2.0\V4KPBQ96.3TK\M82CHZ5J.PAL\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-06-22] (AVM Berlin)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Google Update] => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-07] (Google Inc.)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [5142664 2014-12-21] (Plex, Inc.)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Policies\Explorer: []
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {4a964a30-8dda-11e3-9bf7-bc5ff47bc837} - "G:\start.exe"
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {54d2564b-9a00-11e3-9c0c-bc5ff47bc837} - "I:\MotorolaDeviceManagerSetup.exe" -a
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {84846703-03bb-11e4-9c21-bc5ff47bc837} - "I:\AutoRun.exe"
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {fe510e42-f79a-11e3-9c1d-bc5ff47bc837} - "E:\LaunchU3.exe" -a
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Z Cinema.lnk
ShortcutTarget: Z Cinema.lnk -> C:\Users\Daniel\AppData\Roaming\Microsoft\Installer\{6E166235-49F3-4DFA-A102-1E86675ABD11}\StartupShortcut_6E16623549F34DFAA1021E86675ABD11.exe (Macrovision Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-02] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-02] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default
FF Homepage: google.de
FF NetworkProxy: "backup.ftp", "177.103.176.53"
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.socks", "177.103.176.53"
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "177.103.176.53"
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "187.61.252.57"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "176.61.136.2"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "187.61.252.57"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "187.61.252.57"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll [2014-02-05] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll [2014-02-05] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2014-07-28] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-02-05] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-3647393688-4095208527-2053384529-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-3647393688-4095208527-2053384529-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @tools.google.com/Google Update;version=3 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @tools.google.com/Google Update;version=9 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\searchplugins\11-suche.xml [2014-06-06]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\searchplugins\englische-ergebnisse.xml [2014-06-06]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\searchplugins\gmx-suche.xml [2014-06-06]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\searchplugins\lastminute.xml [2014-04-10]
FF SearchPlugin: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\searchplugins\webde-suche.xml [2014-06-06]
FF Extension: Hola Better Internet - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2014-11-02]
FF Extension: LastPass - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\Extensions\support@lastpass.com [2014-03-22]
FF Extension: WEB.DE MailCheck - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\Extensions\toolbar@web.de [2015-02-28]
FF Extension: PAYBACK Internet Assistent fuer Firefox - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\Extensions\toolbar-ff@payback.de.xpi [2014-12-03]
FF Extension: {b6644a6d-0101-4af2-bb69-84e61f12a9ab} - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\Extensions\{b6644a6d-0101-4af2-bb69-84e61f12a9ab}.xpi [2015-01-31]
FF Extension: Adblock Plus - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-04]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-30]
Chrome:
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Translate) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-11-26]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-19]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-19]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-19]
CHR Extension: (Google Cast) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-12-07]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-19]
CHR Extension: (Plex) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-02-12]
CHR Extension: (Hola Better Internet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-07-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-19]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [82432 2014-04-17] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-19] (Electronic Arts)
R3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [274656 2014-04-18] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-02-25] (Avira Operations GmbH & Co. KG)
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2014-06-22] (AVM Berlin)
R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [107736 2015-03-19] (Malwarebytes Corporation)
R3 Neo_VPN; C:\Windows\system32\DRIVERS\Neo_VPN.sys [28768 2014-03-20] (SoftEther VPN Project at University of Tsukuba, Japan.)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
R3 ZCinema_TSHD_x64; C:\Windows\system32\drivers\ZCinema_SRS_amd64.sys [21648 2007-08-22] (SRS Labs, Inc.)
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; \SystemRoot\system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-20 12:31 - 2015-03-20 12:31 - 00029245 _____ () C:\Users\Daniel\Desktop\FRST.txt
2015-03-20 12:31 - 2015-03-20 12:31 - 00000000 ____D () C:\FRST
2015-03-20 12:12 - 2015-03-20 12:12 - 02095616 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-03-20 12:07 - 2015-03-20 12:11 - 00000000 ____D () C:\Users\Daniel\Downloads\Online-Speicher
2015-03-20 12:07 - 2015-03-20 12:07 - 02991723 _____ () C:\Users\Daniel\Downloads\Online-Speicher.zip
2015-03-19 13:23 - 2015-03-19 13:23 - 00013096 _____ () C:\Users\Daniel\Desktop\Spybot Scan 12.03.2015.txt
2015-03-19 11:03 - 2015-03-19 11:03 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Daniel\Desktop\tdsskiller.exe
2015-03-19 10:41 - 2015-03-19 11:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-19 10:41 - 2015-03-19 10:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-19 10:41 - 2015-03-19 10:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-19 10:40 - 2015-03-19 11:02 - 00000000 ____D () C:\Users\Daniel\Desktop\mbar
2015-03-19 10:40 - 2015-03-19 10:49 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-19 10:40 - 2015-03-19 10:40 - 00000074 _____ () C:\Users\Daniel\Desktop\DHL Phishing.txt
2015-03-19 10:39 - 2015-03-19 10:40 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.09.1.1004.exe
2015-03-18 14:21 - 2015-03-18 14:21 - 00000979 _____ () C:\Users\Daniel\Desktop\TechPowerUp GPU-Z.lnk
2015-03-18 14:21 - 2015-03-18 14:21 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-03-18 14:21 - 2015-03-18 14:21 - 00000000 ____D () C:\Program Files (x86)\GPU-Z
2015-03-18 14:19 - 2015-03-18 14:19 - 01203488 _____ () C:\Users\Daniel\Downloads\GPU Z - CHIP-Installer.exe
2015-03-18 00:11 - 2015-03-18 00:11 - 00000457 _____ () C:\Users\Daniel\Downloads\Amelia.txt
2015-03-16 16:46 - 2015-03-16 16:47 - 621283029 _____ () C:\Users\Daniel\Desktop\KIA20.74.rar
2015-03-12 17:03 - 2015-03-12 17:04 - 00000000 ____D () C:\Users\Daniel\Desktop\Stick 12.03.15
2015-03-12 12:19 - 2015-03-12 12:19 - 00000000 ____D () C:\682577884c5d7d14aa
2015-03-12 11:58 - 2015-03-12 11:58 - 01203488 _____ () C:\Users\Daniel\Downloads\USBDeview 64 Bit - CHIP-Installer.exe
2015-03-11 17:27 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 17:27 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 17:27 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 17:27 - 2015-02-07 00:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 17:27 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 17:27 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 17:27 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 17:27 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 17:27 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 17:27 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 17:27 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 17:27 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 17:27 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 17:27 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 17:27 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 17:27 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 17:27 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 17:26 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 17:26 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 17:26 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 17:26 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 17:26 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 17:26 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 17:26 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 17:26 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 17:26 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 17:26 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 17:26 - 2015-01-30 04:01 - 00097792 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 17:26 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 17:26 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 17:26 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 17:26 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 17:26 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 17:26 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 17:26 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 17:26 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 17:26 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 17:26 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 17:26 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 17:26 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 17:26 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 17:26 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 17:26 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 17:26 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 17:26 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 17:26 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 17:26 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 17:26 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 17:26 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 17:26 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 17:26 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 17:26 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 17:26 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 17:26 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 17:26 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 17:26 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 17:26 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 17:26 - 2014-10-29 03:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 17:26 - 2014-10-29 03:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 17:26 - 2014-10-29 03:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 17:26 - 2014-10-29 03:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 17:26 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 17:26 - 2014-10-29 03:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 17:26 - 2014-10-29 03:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 17:26 - 2014-10-29 03:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 17:26 - 2014-10-29 03:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 17:26 - 2014-10-29 03:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 17:26 - 2014-10-29 03:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 17:26 - 2014-10-29 03:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 17:26 - 2014-10-29 02:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 17:26 - 2014-10-29 02:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 17:26 - 2014-10-29 02:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 17:26 - 2014-10-29 02:48 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2015-03-11 17:26 - 2014-10-29 02:45 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2015-03-11 17:26 - 2014-10-29 02:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 17:26 - 2014-10-29 02:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 17:26 - 2014-10-29 02:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 17:26 - 2014-10-29 02:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 17:26 - 2014-10-29 02:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 17:26 - 2014-10-29 02:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 17:26 - 2014-10-29 02:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 17:26 - 2014-10-29 01:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 17:26 - 2014-10-29 01:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 17:26 - 2014-10-29 01:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 17:26 - 2014-10-29 01:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 17:26 - 2014-10-29 01:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 17:26 - 2014-10-29 01:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-11 17:25 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 17:25 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 17:25 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 17:25 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 17:25 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 17:25 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 17:25 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 17:25 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 17:25 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 17:25 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 17:25 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 17:25 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 17:25 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 17:25 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 17:25 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 17:25 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 17:25 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 17:25 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 17:25 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 17:25 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 17:25 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 17:25 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 17:25 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 17:25 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 17:25 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 17:25 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 17:25 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 17:25 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 17:25 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 17:25 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 17:25 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 17:25 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 17:25 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 17:25 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 17:25 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 17:25 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 17:25 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 17:25 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 17:25 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 17:25 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 17:25 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 17:25 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 17:24 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 17:24 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 17:24 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 17:24 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 17:24 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 17:24 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 17:24 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 17:24 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-10 21:34 - 2015-03-10 21:32 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-10 21:32 - 2015-03-10 21:32 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-03-10 21:32 - 2015-03-10 21:32 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Avira
2015-03-10 21:27 - 2015-03-10 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-10 21:27 - 2015-03-10 21:32 - 00000000 ____D () C:\ProgramData\Avira
2015-03-10 21:27 - 2015-03-10 21:32 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-10 21:27 - 2015-03-10 21:27 - 00002086 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-03-10 21:27 - 2015-02-25 17:53 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-10 21:27 - 2015-02-25 17:53 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-10 21:27 - 2015-02-25 17:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-03-10 21:17 - 2015-03-10 21:17 - 00010404 _____ () C:\Users\Daniel\Downloads\hijackthis.log
2015-03-10 20:38 - 2015-03-10 21:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-10 20:38 - 2015-03-10 20:45 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-10 20:38 - 2015-03-10 20:38 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-03-10 20:38 - 2015-03-10 20:38 - 00001395 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-10 20:38 - 2015-03-10 20:38 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-10 20:38 - 2015-03-10 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-03-10 20:38 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-03-10 20:35 - 2015-03-10 20:36 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.4.exe
2015-03-10 20:34 - 2015-03-10 20:34 - 00388608 _____ (Trend Micro Inc.) C:\Users\Daniel\Downloads\HiJackThis204.exe
2015-03-10 20:33 - 2015-03-10 21:24 - 163016912 _____ () C:\Users\Daniel\Downloads\avira_free650_antivirus_de.exe
2015-03-05 19:38 - 2015-03-05 19:39 - 03674511 _____ () C:\Users\Daniel\Downloads\com.ov3rk1ll.kinocast_v1.3.2.apk
2015-03-05 15:42 - 2015-03-05 15:44 - 00002138 _____ () C:\Users\Daniel\Desktop\AutoCAD 2015 - Deutsch weiß.lnk
2015-03-05 15:09 - 2015-03-05 15:09 - 00083147 _____ () C:\Users\Daniel\Desktop\Daniel 2D.cuix
2015-03-05 15:02 - 2015-03-05 15:02 - 00000000 ____D () C:\Users\Daniel\Documents\AutoCAD Sheet Sets
2015-03-05 14:37 - 2015-03-05 14:38 - 36202939 _____ () C:\Users\Daniel\Downloads\popcorntime(1).apk
2015-03-05 14:35 - 2015-03-05 14:36 - 36202939 _____ () C:\Users\Daniel\Downloads\popcorntime.apk
2015-03-05 14:32 - 2015-03-05 14:33 - 03204939 _____ () C:\Users\Daniel\Downloads\com.ov3rk1ll.kinocast.apk
2015-03-05 10:58 - 2015-03-05 10:58 - 00279584 _____ () C:\Windows\Minidump\030515-15843-01.dmp
2015-03-04 23:01 - 2015-03-04 23:11 - 00000000 ____D () C:\Users\Daniel\Desktop\Auto Disney
2015-03-04 06:43 - 2015-03-04 23:01 - 00000000 ____D () C:\Users\Daniel\Desktop\Best of Disney 3er Box
2015-03-03 16:11 - 2015-03-03 16:11 - 00000000 ____D () C:\Users\Daniel\Desktop\Rollerversicherung 2015-2016 WGV
2015-03-02 08:41 - 2015-03-02 08:41 - 01203488 _____ () C:\Users\Daniel\Downloads\IrfanView Portable - CHIP-Installer(1).exe
2015-03-02 08:33 - 2015-03-02 09:02 - 00000000 ____D () C:\Users\Daniel\Desktop\Praktikantenvertrag
2015-02-28 14:11 - 2015-02-28 14:11 - 00000000 ____D () C:\Users\Daniel\Documents\Nero
2015-02-28 14:10 - 2015-02-28 14:10 - 00000000 ____D () C:\Windows\System32\Tasks\Nero
2015-02-28 14:09 - 2015-02-28 14:10 - 00000000 ____D () C:\ProgramData\Nero
2015-02-28 14:09 - 2015-02-28 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-02-28 14:09 - 2015-02-28 14:10 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-02-28 14:06 - 2015-02-28 14:07 - 53012056 _____ (Nero AG) C:\Users\Daniel\Downloads\Nero_CoverDesigner3p.exe
2015-02-28 13:50 - 2015-02-28 13:51 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Canon Easy-PhotoPrint EX
2015-02-28 13:50 - 2015-02-28 13:50 - 00001902 _____ () C:\Users\Public\Desktop\Canon Easy-PhotoPrint EX.lnk
2015-02-28 13:50 - 2015-02-28 13:50 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX2
2015-02-28 13:50 - 2015-02-28 13:50 - 00000000 ___HD () C:\ProgramData\CanonEPP
2015-02-28 13:49 - 2015-02-28 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-02-28 13:49 - 2015-02-28 13:49 - 00000000 ____D () C:\Program Files\Canon
2015-02-28 13:49 - 2015-02-28 13:49 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-02-28 13:45 - 2015-02-28 13:46 - 60366424 _____ () C:\Users\Daniel\Downloads\eppx-win-4_5_0-de.exe
2015-02-26 15:36 - 2015-02-26 15:36 - 01203488 _____ () C:\Users\Daniel\Downloads\IrfanView Portable - CHIP-Installer.exe
2015-02-24 19:04 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-24 19:04 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-24 19:04 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-24 19:04 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-24 19:04 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-24 19:04 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-21 07:40 - 2015-03-03 10:24 - 00000000 ____D () C:\Users\Daniel\Desktop\Formatierennexus
2015-02-19 19:31 - 2015-02-19 19:31 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Steam
2015-02-18 17:03 - 2015-02-18 17:06 - 00000000 ____D () C:\totalcmd
2015-02-18 17:03 - 2015-02-18 17:03 - 00000654 _____ () C:\Users\Daniel\Desktop\Total Commander 64 bit.lnk
2015-02-18 17:03 - 2015-02-18 17:03 - 00000640 _____ () C:\Users\Daniel\Desktop\Total Commander.lnk
2015-02-18 17:03 - 2015-02-18 17:03 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-02-18 17:03 - 2015-02-18 17:03 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\GHISLER
2015-02-18 17:02 - 2015-02-18 17:02 - 01203488 _____ () C:\Users\Daniel\Downloads\Total Commander - CHIP-Installer.exe
2015-02-18 16:33 - 2015-02-18 16:35 - 03147169 _____ () C:\Users\Daniel\Downloads\xposed-arm-20150213b.zip
2015-02-18 14:04 - 2015-03-02 08:35 - 00000000 ____D () C:\Users\Daniel\Desktop\Nexus 7 v2 (2013)
2015-02-18 13:26 - 2015-02-18 13:26 - 00000000 ____D () C:\Users\Daniel\.android
2015-02-18 13:07 - 2015-02-18 13:07 - 00001123 _____ () C:\Users\Public\Desktop\Minimal ADB and Fastboot.lnk
2015-02-18 12:51 - 2015-02-18 12:51 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-02-18 12:50 - 2015-02-18 12:50 - 00000000 ____D () C:\ProgramData\Samsung
2015-02-18 12:49 - 2015-02-18 12:50 - 14759040 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\Daniel\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
2015-02-18 12:03 - 2015-02-18 12:03 - 00571238 _____ () C:\Users\Daniel\Downloads\ADB+Fastboot.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-20 12:24 - 2014-02-04 19:53 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-20 12:24 - 2013-08-23 00:26 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2015-03-20 12:24 - 2013-08-23 00:26 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2015-03-20 12:21 - 2014-02-04 19:52 - 01559970 _____ () C:\Windows\WindowsUpdate.log
2015-03-20 12:11 - 2014-02-04 22:01 - 00000000 ____D () C:\ProgramData\Origin
2015-03-20 12:08 - 2014-02-15 16:43 - 04238336 ___SH () C:\Users\Daniel\Downloads\Thumbs.db
2015-03-20 12:02 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-19 17:35 - 2014-12-07 20:23 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3647393688-4095208527-2053384529-1001UA.job
2015-03-19 16:45 - 2014-02-11 07:57 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-19 16:44 - 2014-08-22 11:03 - 00000000 ____D () C:\Users\Daniel\Desktop\Ebay
2015-03-19 16:39 - 2014-08-17 21:07 - 00000000 ___RD () C:\Users\Daniel\Dropbox
2015-03-19 16:39 - 2014-08-17 21:04 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Dropbox
2015-03-19 16:38 - 2014-02-11 07:57 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-19 11:47 - 2014-02-04 20:10 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3647393688-4095208527-2053384529-1001
2015-03-19 11:43 - 2014-02-04 22:11 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-19 11:13 - 2014-02-04 22:01 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-03-18 00:22 - 2014-02-04 20:04 - 00000000 ____D () C:\Users\Daniel
2015-03-17 22:43 - 2013-08-22 15:45 - 00055361 _____ () C:\Windows\setupact.log
2015-03-17 22:43 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-17 21:34 - 2014-02-04 19:47 - 01188778 _____ () C:\Windows\PFRO.log
2015-03-17 18:51 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-17 09:30 - 2014-02-05 17:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-03-16 14:59 - 2014-02-04 20:04 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Packages
2015-03-13 11:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-03-12 23:00 - 2014-09-13 09:13 - 00000000 ____D () C:\Users\Daniel\Desktop\Amazon
2015-03-12 22:46 - 2014-10-01 11:47 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-12 22:35 - 2014-12-07 20:23 - 00001086 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3647393688-4095208527-2053384529-1001Core.job
2015-03-12 21:50 - 2013-08-22 15:44 - 00559464 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-12 17:07 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-12 17:07 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 17:07 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-12 17:07 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-12 17:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-12 17:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-12 17:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-12 14:07 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-12 12:52 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-12 12:19 - 2014-02-06 22:37 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-12 12:19 - 2014-02-06 22:37 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 12:31 - 2015-01-14 15:42 - 00000000 ____D () C:\Users\Daniel\Desktop\Verkehr 1
2015-03-11 12:31 - 2014-08-17 21:07 - 00001068 _____ () C:\Users\Daniel\Desktop\Dropbox.lnk
2015-03-11 12:31 - 2014-08-17 21:05 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-10 22:50 - 2014-02-05 16:00 - 07692800 ___SH () C:\Users\Daniel\Desktop\Thumbs.db
2015-03-10 22:47 - 2014-02-04 20:21 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\DigitalSites
2015-03-10 21:32 - 2014-06-27 11:55 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-10 21:17 - 2014-02-04 20:04 - 00000000 ____D () C:\Users\Daniel\AppData\Local\VirtualStore
2015-03-10 17:16 - 2014-02-15 16:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-09 12:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-09 10:59 - 2014-02-04 21:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-05 15:40 - 2015-01-20 10:35 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Autodesk
2015-03-05 10:58 - 2014-08-13 09:28 - 635868004 _____ () C:\Windows\MEMORY.DMP
2015-03-05 10:58 - 2014-08-13 09:28 - 00000000 ____D () C:\Windows\Minidump
2015-03-05 10:06 - 2014-06-22 20:38 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Deployment
2015-03-04 22:24 - 2013-08-22 16:38 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 22:24 - 2013-08-22 16:38 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-03 14:17 - 2014-02-06 15:54 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-03 10:39 - 2015-01-15 21:57 - 00000000 ____D () C:\Users\Daniel\Desktop\Elektrokram
2015-03-02 13:49 - 2014-03-29 00:42 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2015-02-28 14:03 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2014-02-04 20:21 - 2014-02-04 20:21 - 0000044 _____ () C:\Users\Daniel\AppData\Roaming\WB.CFG
2015-01-20 10:35 - 2015-01-20 10:35 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
Some content of TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\avgnt.exe
C:\Users\Daniel\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Daniel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr4g5sf.dll
C:\Users\Daniel\AppData\Local\Temp\ResetDevice.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-11 11:23
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Daniel at 2015-03-20 12:31:53
Running from C:\Users\Daniel\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Amnesia: A Machine for Pigs (HKLM-x32\...\Steam App 239200) (Version: - The Chinese Room)
AutoCAD 2015 - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk AutoCAD 2015 - Deutsch (German) (HKLM\...\AutoCAD 2015 - Deutsch (German)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version: - )
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
ChromecastApp (HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
ChromecastApp (HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Daikatana (HKLM-x32\...\Steam App 242980) (Version: - )
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dropbox (HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\2db37667170956ee) (Version: 2.3.2.0 - AVM Berlin)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
MakeMKV v1.9.1 (HKLM-x32\...\MakeMKV) (Version: v1.9.1 - GuinpinSoft inc)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg)
Mortal Kombat Komplete Edition (HKLM-x32\...\Steam App 237110) (Version: - NetherRealm Studios)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.2 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.2 - MPC-HC Team)
Nero CoverDesigner (HKLM-x32\...\{79BB6415-00A7-413A-B278-A7EAE69F1753}) (Version: 12.0.02700 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
Pid (HKLM-x32\...\Steam App 218740) (Version: - Might and Delight)
Plex Media Server (HKLM-x32\...\{7425d872-d65d-42c9-8c6d-7a8a529a4b50}) (Version: 0.9.1107 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.1107 - Plex, Inc.) Hidden
Prerequisite installer (x32 Version: 12.0.0005 - Nero AG) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
Serious Sam: The Random Encounter (HKLM-x32\...\Steam App 201480) (Version: - Vlambeer)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\Steam App 45760) (Version: - Capcom)
Switch Off (HKLM-x32\...\SwitchOff) (Version: 2.3 - YaSoft)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo)
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Z Cinema (HKLM\...\{6E166235-49F3-4DFA-A102-1E86675ABD11}) (Version: 1.0.0 - Logitech)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\de-DE\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3647393688-4095208527-2053384529-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
12-03-2015 12:06:24 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {24994288-6C5B-4B8D-A978-83A09C79F736} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {43A739B8-D3A5-4BC8-9042-23E0EDD6782C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-12] (Microsoft Corporation)
Task: {4D4D1481-7F5C-41C7-9469-6E4EB20DAA44} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647393688-4095208527-2053384529-1001Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {522D92EB-D25E-4CE5-A0BE-1AD2AA2B4303} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {5788AFF0-51D4-453E-8838-D3E6F0476241} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {5A54DD21-B68D-43F9-806F-3B0D8A60D960} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {6D273ECA-AFD7-49B7-AF3A-6592C578E457} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {819EFC66-7320-48F2-8265-147CEDFE831D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3647393688-4095208527-2053384529-1001UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-07] (Google Inc.)
Task: {BB153273-6E30-4824-8CAC-ADC8EC7D064F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {D1C36EAA-F27B-479C-9CC7-1A1EDAC2FC2F} - System32\Tasks\Digital Sites => C:\Users\Daniel\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {D2916270-4150-4A56-9039-B3223E794D13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {D7EF3C04-14FE-435E-A918-728CA2068021} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {DE53DF9E-D535-487C-BA5B-EE495095FA7E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {E033B043-4AA4-4042-AB32-6CB914C55AC9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3647393688-4095208527-2053384529-1001Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3647393688-4095208527-2053384529-1001UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-04-17 20:55 - 2014-04-17 20:55 - 00082432 _____ () C:\AMD\amdacpusrsvc.exe
2014-03-19 10:14 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-10 20:38 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-10 20:38 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-10 20:38 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-10 20:38 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-10 20:38 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00838792 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00049800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00086664 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 02092680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 01883272 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00502920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00072840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00196232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00027784 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00018568 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00034952 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00836232 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll
2014-12-21 22:31 - 2014-12-21 22:31 - 00192136 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00054920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00017032 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00043656 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00081544 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00111240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd
2014-12-21 22:31 - 2014-12-21 22:31 - 00689800 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd
2015-03-04 23:08 - 2015-03-04 23:08 - 00750080 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-19 16:38 - 2015-03-19 16:38 - 00043008 _____ () c:\users\daniel\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr4g5sf.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00047616 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00865280 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:07 - 2015-03-04 23:07 - 00200704 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-03-22 16:36 - 2014-03-22 16:36 - 01020928 _____ () C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\Control Panel\Desktop\\Wallpaper -> D:\Video\Wallpapers\cityscape_flash-2560x1600.jpg
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> D:\Video\Wallpapers\cityscape_flash-2560x1600.jpg
HKU\S-1-5-21-3647393688-4095208527-2053384529-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> D:\Video\Wallpapers\cityscape_flash-2560x1600.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3647393688-4095208527-2053384529-500 - Administrator - Disabled)
Daniel (S-1-5-21-3647393688-4095208527-2053384529-1001 - Administrator - Enabled) => C:\Users\Daniel
Gast (S-1-5-21-3647393688-4095208527-2053384529-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3647393688-4095208527-2053384529-1003 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/20/2015 11:56:08 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: FAILED.
Error: (03/20/2015 11:56:08 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: GraphicsMemory API Wrapper: Dummy Packet Submission FAILED
Error: (03/19/2015 05:41:05 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: IOCTL_USR_SVC_TO_ACPKSD_POWER_STATE_NOTIFICATION: FAILED
Error: (03/19/2015 04:38:27 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: FAILED.
Error: (03/19/2015 04:38:27 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: GraphicsMemory API Wrapper: Dummy Packet Submission FAILED
Error: (03/19/2015 04:37:37 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: IOCTL_USR_SVC_TO_ACPKSD_POWER_STATE_NOTIFICATION: FAILED
Error: (03/19/2015 11:48:03 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Native.CsLib,processorArchitecture="x86",type="win32",version="4.5.4.5143"1". Fehler in Manifest- oder Richtliniendatei "Native.CsLib,processorArchitecture="x86",type="win32",version="4.5.4.5143"2" in Zeile Native.CsLib,processorArchitecture="x86",type="win32",version="4.5.4.5143"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Native.CsLib,processorArchitecture="x86",type="win32",version="4.5.4.5143".
Definition: Native.CsLib,processorArchitecture="x86",type="win32",version="4.5.4.5306".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/19/2015 11:47:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/19/2015 10:53:07 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: FAILED.
Error: (03/19/2015 10:53:07 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: GraphicsMemory API Wrapper: Dummy Packet Submission FAILED
System errors:
=============
Error: (03/19/2015 11:48:53 AM) (Source: DCOM) (EventID: 10010) (User: Logicy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/19/2015 11:48:23 AM) (Source: DCOM) (EventID: 10010) (User: Logicy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/19/2015 10:50:30 AM) (Source: DCOM) (EventID: 10010) (User: Logicy)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (03/18/2015 10:12:40 AM) (Source: DCOM) (EventID: 10010) (User: Logicy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/18/2015 10:12:10 AM) (Source: DCOM) (EventID: 10010) (User: Logicy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/17/2015 10:43:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 17.03.2015 um 21:34:38 unerwartet heruntergefahren.
Error: (03/17/2015 09:34:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 17.03.2015 um 20:04:20 unerwartet heruntergefahren.
Error: (03/17/2015 09:38:45 AM) (Source: DCOM) (EventID: 10010) (User: Logicy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (03/17/2015 09:38:15 AM) (Source: DCOM) (EventID: 10010) (User: Logicy)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (03/16/2015 09:25:12 AM) (Source: DCOM) (EventID: 10010) (User: Logicy)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Microsoft Office Sessions:
=========================
Error: (03/20/2015 11:56:08 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: FAILED.
Error: (03/20/2015 11:56:08 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: GraphicsMemory API Wrapper: Dummy Packet Submission FAILED
Error: (03/19/2015 05:41:05 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: IOCTL_USR_SVC_TO_ACPKSD_POWER_STATE_NOTIFICATION: FAILED
Error: (03/19/2015 04:38:27 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: FAILED.
Error: (03/19/2015 04:38:27 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: GraphicsMemory API Wrapper: Dummy Packet Submission FAILED
Error: (03/19/2015 04:37:37 PM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: IOCTL_USR_SVC_TO_ACPKSD_POWER_STATE_NOTIFICATION: FAILED
Error: (03/19/2015 11:48:03 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Native.CsLib,processorArchitecture="x86",type="win32",version="4.5.4.5143"Native.CsLib,processorArchitecture="x86",type="win32",version="4.5.4.5306"C:\Program Files (x86)\CDBurnerXP\cdbxpcmd.exe.ManifestC:\Program Files (x86)\CDBurnerXP\Native.CsLib.MANIFEST3
Error: (03/19/2015 11:47:56 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
Error: (03/19/2015 10:53:07 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvc[EVENT]: SERVICE_CONTROL_POWEREVENT: RESUME: FAILED.
Error: (03/19/2015 10:53:07 AM) (Source: amdacpusrsvc) (EventID: 0) (User: )
Description: amdacpusrsvcacpusrsvc: GraphicsMemory API Wrapper: Dummy Packet Submission FAILED
CodeIntegrity Errors:
===================================
Date: 2015-03-09 09:18:12.661
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-09 09:18:12.536
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-09 09:18:12.301
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-09 09:18:12.192
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-09 09:18:09.739
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-09 09:18:09.614
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-09 09:18:09.489
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-09 09:18:09.364
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-05 13:01:32.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-05 13:01:31.984
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E3-1230 V2 @ 3.30GHz
Percentage of memory in use: 22%
Total physical RAM: 8131.91 MB
Available physical RAM: 6272.54 MB
Total Pagefile: 16323.91 MB
Available Pagefile: 13827.83 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.45 GB) (Free:3.03 GB) NTFS
Drive d: (Media) (Fixed) (Total:1863.01 GB) (Free:20.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: B32DEE41)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: C4B24272)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
21.03.2015, 09:58
| #8 |
| /// the machine /// TB-Ausbilder | Windows 8.1 Pro N - DHL Spamm-Mail - ZIP Datei Passiert is nix, aber wir entfernen dann gerade mal noch die ADware  Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.03.2015, 13:17
| #9 |
| | mbam.txtCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 23.03.2015 Suchlauf-Zeit: 12:29:34 Logdatei: mbam.txt Administrator: Ja Version: 0.00.0.0000 Malware Datenbank: v2015.03.23.03 Rootkit Datenbank: v2015.02.25.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Aktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Daniel Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 364396 Verstrichene Zeit: 8 Min, 17 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 5 PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, Keine Aktion durch Benutzer, [24ca65e305850135b5391ec0f310c33d], PUP.Optional.DigitalSites.A, HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\SOFTWARE\DSiteProducts, Keine Aktion durch Benutzer, [509efd4b7119f54122b09aa73dc846ba], PUP.Optional.InstallCore.A, HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\SOFTWARE\INSTALLCORE\1I1T1Q1S, Keine Aktion durch Benutzer, [15d93414b8d20b2bf0a96d960bf9b14f], PUP.Optional.InstallCore.A, HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\SOFTWARE\INSTALLCORE, Keine Aktion durch Benutzer, [46a8e5631e6c39fdd49ea47550b537c9], PUP.Optional.SystemSpeedup, HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\SOFTWARE\SYSTWEAK\ssd, Keine Aktion durch Benutzer, [c22cdd6b95f5a0966f7e15c924df5ba5], Registrierungswerte: 1 PUP.Optional.InstallCore.A, HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\SOFTWARE\INSTALLCORE|tb, 0N2X1N, Keine Aktion durch Benutzer, [46a8e5631e6c39fdd49ea47550b537c9] Registrierungsdaten: 13 PUP.Optional.SweetPage.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550),Keine Aktion durch Benutzer,[a44ad870404aaa8cef5bf5fee81dcd33] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}),Keine Aktion durch Benutzer,[f3fb02467911ca6c92baef04fc09c33d] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550),Keine Aktion durch Benutzer,[19d556f29ceec96da2a96a897590b947] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550),Keine Aktion durch Benutzer,[bf2f4ff94f3b231363ea7380ca3b53ad] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}),Keine Aktion durch Benutzer,[2bc3e1671d6d082e4a15806843c2f50b] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Keine Aktion durch Benutzer,[905e59ef8307ff375e89876b897c8a76] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550),Keine Aktion durch Benutzer,[985649ff573350e69ab037bcde27c43c] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}),Keine Aktion durch Benutzer,[33bb23256f1b42f473d9e013cd3806fa] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550),Keine Aktion durch Benutzer,[48a6ec5cbecc72c462e951a2fc09e11f] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550),Keine Aktion durch Benutzer,[46a86eda8a00e650d479688b966f07f9] PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550&q={searchTerms}),Keine Aktion durch Benutzer,[0fdf192f2e5cb77f055a34b4e81db64a] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Keine Aktion durch Benutzer,[6f7f093fa6e4b383eff8678bd0353bc5] PUP.Optional.SweetPage.A, HKU\S-1-5-21-3647393688-4095208527-2053384529-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1391541677&from=cor&uid=SAMSUNGXHD204UI_S2H7JD5ZC00550),Keine Aktion durch Benutzer,[03eb44044c3e3bfb7dcacb289e67946c] Ordner: 1 PUP.Optional.SystemSpeedup, C:\Users\Daniel\AppData\Roaming\systweak\ssd, Keine Aktion durch Benutzer, [02ec18300b7f42f43c8d9af15aa9748c], Dateien: 4 PUP.Optional.Giga, C:\Users\Daniel\Downloads\PDFCreator-lnstall.exe, Keine Aktion durch Benutzer, [5d9152f6f1997bbb69271db89471718f], PUP.Optional.Giga, C:\Users\Daniel\Downloads\Plex-Media-Server-lnstall.exe, Keine Aktion durch Benutzer, [4ca2ba8e503a51e599f7ab2a53b22bd5], PUP.Optional.DigitalSites.A, C:\Windows\System32\Tasks\Digital Sites, Keine Aktion durch Benutzer, [0fdf1d2b5a30b482d9fb7fc247be25db], PUP.Optional.SystemSpeedup, C:\Users\Daniel\AppData\Roaming\systweak\ssd\SSDPTstub.exe, Keine Aktion durch Benutzer, [02ec18300b7f42f43c8d9af15aa9748c], Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter # AdwCleaner v4.113 - Bericht erstellt 23/03/2015 um 12:45:31
# Aktualisiert 22/03/2015 von Xplode
# Datenbank : 2015-03-23.1 [Server]
# Betriebssystem : Windows 8.1 Pro N (x64)
# Benutzername : Daniel - LOGICY
# Gestarted von : C:\Users\Daniel\Desktop\AdwCleaner_4.113.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Daniel\AppData\Local\pdfforge
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Daniel\AppData\Roaming\Systweak
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\9cbnjg3v.default\searchplugins\11-suche.xml
***** [ Geplante Tasks ] *****
Task Gelöscht : Digital Sites
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Daniel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\portaldosites.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\qipu.de
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweet-page.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.portaldosites.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.sweet-page.com
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v36.0.3 (x86 de)
-\\ Google Chrome v41.0.2272.101
*************************
AdwCleaner[R0].txt - [4569 Bytes] - [23/03/2015 12:43:17]
AdwCleaner[S0].txt - [3526 Bytes] - [23/03/2015 12:45:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3585 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Windows 8.1 Pro N x64
Ran by Daniel on 23.03.2015 at 13:13:36,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\flexnet"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\9cbnjg3v.default\extensions\toolbar@web.de
Emptied folder: C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\9cbnjg3v.default\minidumps [17 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.03.2015 at 13:15:54,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
24.03.2015, 09:24
| #10 |
| /// the machine /// TB-Ausbilder | Windows 8.1 Pro N - DHL Spamm-Mail - ZIP DateiESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 8.1 Pro N - DHL Spamm-Mail - ZIP Datei |
| fehlercode 28, fehlercode windows, logfiles, malwarebytes, pup.optional.digitalsites.a, pup.optional.giga, pup.optional.installcore.a, pup.optional.qone8, pup.optional.sweetpage.a, pup.optional.systemspeedup, runterladen, schließe, spammail, sweet-page, sweet-page entfernen, sweetpage, sweetpage entfernen, zufällig |
Linear-Darstellung
