|
Log-Analyse und Auswertung: Phishing mail Link geklicktWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
19.03.2015, 15:29 | #1 |
| Phishing mail Link geklickt Hallo zusammen Nun hats auch mich erwischt! Ich habe eine Mail von meinem Zahnarzt bekommen mit der Aufforderung auf den Link zu klicken! gesagt getan, um 2 Stunden später noch ne zweite mail von meinem Zahnarzt zu erhalten, dass ich den Link ja nicht öffen sollte, da es sich um eine phishing Mail handelt! (explorationformum.com / view.com; Dies war der Link) Mein Avira hat zwar einen Virus gefunden, aber ich bin mir dennoch nicht sicher, ob der Angriff erfolgreich war! Kann mir jemand helfen? Ich wäre sehr sehr dankbar, da ich meinen PC zum arbeiten brauche und deshalb auch sensible Daten auf meinem PC gespeichert habe. dank und gruss dv |
19.03.2015, 15:38 | #2 |
/// the machine /// TB-Ausbilder | Phishing mail Link geklickt hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
19.03.2015, 16:03 | #3 |
| Phishing mail Link geklickt FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by sandro (administrator) on YUTTAPOOM on 19-03-2015 21:48:51 Running from C:\Users\sandro\Downloads Loaded Profiles: sandro (Available profiles: sandro) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe () C:\Program Files (x86)\Zoiper\Zoiper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-16] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-16] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-43689307-4263972533-1171794318-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.) HKU\S-1-5-21-43689307-4263972533-1171794318-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1400224 2013-09-03] (Adobe Systems Incorporated) HKU\S-1-5-21-43689307-4263972533-1171794318-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.) HKU\S-1-5-21-43689307-4263972533-1171794318-1001\...\Run: [Zoiper] => C:\Program Files (x86)\Zoiper\Zoiper.exe [15730176 2014-07-02] () ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-43689307-4263972533-1171794318-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-43689307-4263972533-1171794318-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-07-02] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-07-02] (Microsoft Corporation) BHO-x32: Zoiper Click2Dial plugin -> {0F25B21A-947C-418E-833E-406B8C9FA9A2} -> C:\Program Files (x86)\Zoiper\ClickToDial\Click2Dial32.dll [2013-12-10] () BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-07] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-07] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-07-02] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\sandro\AppData\Roaming\Mozilla\Firefox\Profiles\6jdsrhos.default FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-07] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-07] (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-07-02] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-13] () FF Extension: Avira Browser Safety - C:\Users\sandro\AppData\Roaming\Mozilla\Firefox\Profiles\6jdsrhos.default\Extensions\abs@avira.com [2015-03-19] FF HKLM-x32\...\Firefox\Extensions: [{f176abfa-5be8-4b97-b851-d694e62fde1f}] - C:\Program Files (x86)\Zoiper\ClickToDial\FireFox FF Extension: Zoiper Click2Dial - C:\Program Files (x86)\Zoiper\ClickToDial\FireFox [2015-03-10] Chrome: ======= CHR StartupUrls: Default -> "https://www.google.ch/" CHR Profile: C:\Users\sandro\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-01] CHR Extension: (Google Drive) - C:\Users\sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01] CHR Extension: (MozBar) - C:\Users\sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2015-01-12] CHR Extension: (Avira Browser Safety) - C:\Users\sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-01] CHR Extension: (Dream Afar New Tab) - C:\Users\sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\henmfoppjjkcencpbjaigfahdjlgpegn [2015-02-21] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12] CHR Extension: (Google Wallet) - C:\Users\sandro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [mnddnfkjommiaaaajaajddhmklfanopp] - C:\Program Files (x86)\Zoiper\ClickToDial\Chrome\Click2Dial.crx [2015-03-10] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-19] (Avira Operations GmbH & Co. KG) R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed] R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-21] (Microsoft Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-06-28] (ASUS Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-11] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-11] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-06-25] (Avira Operations GmbH & Co. KG) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-19 21:48 - 2015-03-19 21:49 - 00000000 ____D () C:\FRST 2015-03-19 21:48 - 2015-03-19 21:48 - 00018457 _____ () C:\Users\sandro\Downloads\FRST.txt 2015-03-19 21:46 - 2015-03-19 21:47 - 02095616 _____ (Farbar) C:\Users\sandro\Downloads\FRST64.exe 2015-03-17 09:06 - 2015-03-17 09:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-16 20:06 - 2015-03-16 20:06 - 00033591 _____ () C:\Users\sandro\Downloads\Download 2015-03-16 19:40 - 2015-03-16 19:40 - 00000000 _____ () C:\Users\sandro\Downloads\Download.htm 2015-03-11 10:52 - 2015-03-05 04:24 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-03-11 10:52 - 2015-03-05 04:24 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-11 09:28 - 2015-02-07 06:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2015-03-11 09:28 - 2015-02-04 06:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2015-03-11 09:28 - 2015-02-04 06:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2015-03-11 09:28 - 2015-02-04 06:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2015-03-11 09:28 - 2015-02-03 06:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll 2015-03-11 09:28 - 2015-02-03 06:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll 2015-03-11 09:28 - 2015-01-27 10:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-03-11 09:28 - 2015-01-24 08:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-03-11 09:27 - 2015-03-06 09:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-03-11 09:27 - 2015-03-06 09:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-03-11 09:27 - 2015-02-26 06:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-03-11 09:27 - 2015-02-21 08:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-03-11 09:27 - 2015-02-21 07:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-03-11 09:27 - 2015-02-21 07:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-03-11 09:27 - 2015-02-20 10:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-03-11 09:27 - 2015-02-20 09:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-03-11 09:27 - 2015-02-20 09:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-03-11 09:27 - 2015-02-20 09:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-03-11 09:27 - 2015-02-20 09:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-03-11 09:27 - 2015-02-20 09:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-03-11 09:27 - 2015-02-20 08:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-03-11 09:27 - 2015-02-20 08:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-03-11 09:27 - 2015-02-20 08:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-03-11 09:27 - 2015-02-20 07:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-03-11 09:27 - 2015-02-06 08:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-03-11 09:27 - 2015-02-06 08:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-03-11 09:27 - 2015-02-06 03:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-03-11 09:27 - 2015-02-03 07:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2015-03-11 09:27 - 2015-02-03 07:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2015-03-11 09:27 - 2015-01-31 06:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-03-11 09:27 - 2015-01-31 06:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-03-11 09:27 - 2015-01-30 10:01 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys 2015-03-11 09:27 - 2015-01-30 09:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll 2015-03-11 09:27 - 2015-01-30 09:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll 2015-03-11 09:27 - 2015-01-30 08:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll 2015-03-11 09:27 - 2015-01-30 08:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll 2015-03-11 09:27 - 2015-01-30 08:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll 2015-03-11 09:27 - 2015-01-29 08:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll 2015-03-11 09:27 - 2015-01-29 08:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll 2015-03-11 09:27 - 2015-01-29 08:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-11 09:27 - 2015-01-29 08:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-03-11 09:27 - 2015-01-29 08:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2015-03-11 09:27 - 2015-01-29 08:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-03-11 09:27 - 2015-01-29 07:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-03-11 09:27 - 2015-01-29 07:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2015-03-11 09:27 - 2015-01-29 07:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2015-03-11 09:27 - 2015-01-29 07:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-03-11 09:27 - 2015-01-28 09:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll 2015-03-11 09:27 - 2015-01-28 08:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll 2015-03-11 09:27 - 2015-01-23 14:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2015-03-11 09:27 - 2015-01-23 12:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2015-03-11 09:27 - 2014-10-29 09:49 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2015-03-11 09:27 - 2014-10-29 09:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2015-03-11 09:27 - 2014-10-29 09:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2015-03-11 09:27 - 2014-10-29 09:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe 2015-03-11 09:27 - 2014-10-29 09:34 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-03-11 09:27 - 2014-10-29 09:34 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe 2015-03-11 09:27 - 2014-10-29 09:34 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2015-03-11 09:27 - 2014-10-29 09:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll 2015-03-11 09:27 - 2014-10-29 09:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll 2015-03-11 09:27 - 2014-10-29 09:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2015-03-11 09:27 - 2014-10-29 09:00 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll 2015-03-11 09:27 - 2014-10-29 08:58 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe 2015-03-11 09:27 - 2014-10-29 08:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll 2015-03-11 09:27 - 2014-10-29 08:51 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-03-11 09:27 - 2014-10-29 08:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll 2015-03-11 09:27 - 2014-10-29 08:28 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll 2015-03-11 09:27 - 2014-10-29 08:28 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll 2015-03-11 09:27 - 2014-10-29 08:20 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-03-11 09:27 - 2014-10-29 08:15 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll 2015-03-11 09:27 - 2014-10-29 08:13 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-03-11 09:27 - 2014-10-29 07:55 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-03-11 09:27 - 2014-10-29 07:55 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll 2015-03-11 09:27 - 2014-10-29 07:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll 2015-03-11 09:27 - 2014-10-29 07:41 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2015-03-11 09:27 - 2014-10-29 07:35 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2015-03-11 09:26 - 2015-02-21 07:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-03-11 09:26 - 2015-02-21 07:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-03-11 09:26 - 2015-02-21 06:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-03-11 09:26 - 2015-02-21 06:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-03-11 09:26 - 2015-02-20 09:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-03-11 09:26 - 2015-02-20 09:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-03-11 09:26 - 2015-02-20 09:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-03-11 09:26 - 2015-02-20 09:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-03-11 09:26 - 2015-02-20 09:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-03-11 09:26 - 2015-02-20 09:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-03-11 09:26 - 2015-02-20 09:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-03-11 09:26 - 2015-02-20 09:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-03-11 09:26 - 2015-02-20 09:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-03-11 09:26 - 2015-02-20 08:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-03-11 09:26 - 2015-02-20 08:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-03-11 09:26 - 2015-02-20 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-03-11 09:26 - 2015-02-20 08:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-03-11 09:26 - 2015-02-20 08:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-03-11 09:26 - 2015-02-20 08:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-03-11 09:26 - 2015-02-20 08:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-03-11 09:26 - 2015-02-20 08:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-03-11 09:26 - 2015-02-20 08:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-03-11 09:26 - 2015-02-20 08:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-03-11 09:26 - 2015-02-20 08:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-03-11 09:26 - 2015-02-20 08:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-03-11 09:26 - 2015-02-20 08:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-03-11 09:26 - 2015-02-20 08:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-03-11 09:26 - 2015-02-20 07:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-03-11 09:26 - 2015-02-13 00:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-03-11 09:26 - 2015-02-13 00:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-03-11 09:26 - 2015-02-08 06:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-03-11 09:26 - 2015-02-08 06:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-03-11 09:26 - 2015-01-31 06:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2015-03-11 09:26 - 2015-01-30 09:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll 2015-03-11 09:26 - 2015-01-30 08:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll 2015-03-11 09:26 - 2015-01-30 08:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll 2015-03-11 09:26 - 2015-01-30 08:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll 2015-03-11 09:26 - 2015-01-30 08:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll 2015-03-11 09:26 - 2015-01-30 08:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll 2015-03-11 09:26 - 2015-01-30 08:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll 2015-03-11 09:26 - 2015-01-30 08:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll 2015-03-11 09:26 - 2015-01-30 01:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2015-03-11 09:26 - 2015-01-30 01:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2015-03-11 09:26 - 2015-01-28 22:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-03-11 09:26 - 2015-01-28 22:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-03-11 09:26 - 2015-01-28 22:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-03-11 09:26 - 2015-01-28 08:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll 2015-03-11 09:26 - 2015-01-28 08:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll 2015-03-11 09:26 - 2015-01-28 06:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-03-11 09:26 - 2015-01-28 06:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-03-11 09:26 - 2015-01-27 11:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2015-03-11 09:26 - 2015-01-27 09:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2015-03-11 09:26 - 2015-01-21 12:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2015-03-11 09:26 - 2015-01-21 12:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2015-03-11 09:26 - 2014-12-11 12:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe 2015-03-11 09:26 - 2014-10-29 10:56 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2015-03-11 09:26 - 2014-10-29 09:37 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2015-03-11 09:26 - 2014-10-29 08:19 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll 2015-03-11 09:26 - 2014-10-29 07:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll 2015-03-10 09:39 - 2015-03-18 09:27 - 00000000 ____D () C:\Users\sandro\AppData\Roaming\Zoiper 2015-03-10 09:39 - 2015-03-18 09:16 - 00000000 ____D () C:\ProgramData\Zoiper 2015-03-10 09:38 - 2015-03-10 09:39 - 00000000 ____D () C:\Program Files (x86)\Zoiper 2015-03-10 09:38 - 2015-03-10 09:38 - 00001017 _____ () C:\Users\Public\Desktop\Zoiper.lnk 2015-03-10 09:38 - 2015-03-10 09:38 - 00000000 ____D () C:\Users\sandro\AppData\Local\Opera 2015-03-10 09:38 - 2015-03-10 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoiper 2015-03-10 09:31 - 2015-03-10 09:33 - 24443288 _____ (Securax LTD) C:\Users\sandro\Downloads\Zoiper_Biz_3.6_Setup.exe 2015-03-09 09:42 - 2015-03-09 09:42 - 00040142 _____ () C:\Users\sandro\Downloads\users (1).csv 2015-02-27 14:08 - 2015-02-27 14:08 - 00115777 _____ () C:\Users\sandro\Downloads\Backlinks Tutti.xlsx 2015-02-27 14:08 - 2015-02-27 14:08 - 00115777 _____ () C:\Users\sandro\Downloads\Backlinks Tutti (1).xlsx 2015-02-26 18:19 - 2015-02-26 18:22 - 00000000 ____D () C:\Users\sandro\Desktop\Wordpress tutorials 2015-02-25 17:35 - 2015-02-25 17:35 - 00055052 _____ () C:\Users\sandro\Downloads\users.csv 2015-02-25 14:07 - 2015-02-23 14:30 - 00000000 ____D () C:\Users\sandro\Downloads\wordpress-seo 2015-02-25 14:06 - 2015-02-25 14:06 - 01619298 _____ () C:\Users\sandro\Downloads\wordpress-seo.1.7.3.3 (1).zip 2015-02-25 11:00 - 2014-12-14 04:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls 2015-02-25 11:00 - 2014-12-14 04:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls 2015-02-25 11:00 - 2014-10-29 08:27 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2015-02-25 11:00 - 2014-10-29 08:27 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2015-02-25 11:00 - 2014-10-29 08:04 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2015-02-25 11:00 - 2014-10-29 08:04 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll 2015-02-25 10:23 - 2015-02-26 09:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-02-24 19:13 - 2015-02-24 19:13 - 00002201 _____ () C:\Users\sandro\Downloads\auto-google-2015-02-03.csv 2015-02-24 18:02 - 2015-02-24 18:02 - 01619298 _____ () C:\Users\sandro\Downloads\wordpress-seo.1.7.3.3.zip 2015-02-24 17:16 - 2015-02-24 17:16 - 00015321 _____ () C:\Users\sandro\Downloads\Shops list and details.xlsx 2015-02-21 10:39 - 2015-02-21 10:39 - 00000000 ____D () C:\Users\sandro\AppData\Local\Intel_Corporation 2015-02-20 15:32 - 2015-02-20 16:32 - 00000000 ____D () C:\Program Files (x86)\Gyazo 2015-02-20 15:32 - 2015-02-20 15:32 - 00003752 _____ () C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine 2015-02-20 15:32 - 2015-02-20 15:32 - 00000996 _____ () C:\Users\Public\Desktop\Gyazo.lnk 2015-02-20 15:32 - 2015-02-20 15:32 - 00000996 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk 2015-02-20 15:32 - 2015-02-20 15:32 - 00000000 ____D () C:\Users\sandro\AppData\Roaming\Gyazo 2015-02-20 15:32 - 2015-02-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo 2015-02-20 15:31 - 2015-02-20 15:31 - 09698760 _____ (Nota Inc. ) C:\Users\sandro\Downloads\Gyazo-2.3.0.exe 2015-02-20 08:52 - 2015-02-20 08:52 - 00013651 _____ () C:\Users\sandro\Downloads\Babacos Passwords.xlsx (2).xlsx 2015-02-20 08:50 - 2015-02-20 08:50 - 00013702 _____ () C:\Users\sandro\Downloads\Babacos Passwords.xlsx (1).xlsx 2015-02-20 08:47 - 2015-02-20 08:47 - 00013615 _____ () C:\Users\sandro\Downloads\Babacos Passwords.xlsx.xlsx 2015-02-19 12:17 - 2015-02-19 12:17 - 01000446 _____ () C:\Users\sandro\Downloads\Unitag_QRCode_1424323048981.zip 2015-02-18 11:19 - 2015-02-18 11:19 - 00009540 _____ () C:\Users\sandro\Downloads\bezahlwerbung babacos.xlsx 2015-02-18 08:34 - 2015-02-18 08:34 - 00000050 _____ () C:\Users\sandro\Desktop\Frame Box - Lightweight online tool for creating mockups.url ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-19 21:49 - 2014-07-20 20:16 - 01739088 _____ () C:\WINDOWS\WindowsUpdate.log 2015-03-19 21:30 - 2014-07-01 22:10 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-19 21:24 - 2014-07-01 22:13 - 00000000 ____D () C:\Users\sandro\AppData\Roaming\Skype 2015-03-19 21:00 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-03-19 20:51 - 2014-07-01 22:57 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-43689307-4263972533-1171794318-1001 2015-03-19 20:46 - 2014-07-01 22:10 - 00000000 ____D () C:\Program Files (x86)\Google 2015-03-19 20:37 - 2015-01-05 15:50 - 00000000 ____D () C:\Users\sandro\Desktop\Hhomepage 2015-03-19 15:55 - 2014-10-21 19:03 - 03418112 ___SH () C:\Users\sandro\Downloads\Thumbs.db 2015-03-19 15:44 - 2014-08-20 11:02 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C2877515-4C20-40D9-9A5D-3BC3D035B6BF} 2015-03-19 09:37 - 2014-07-04 00:21 - 00000000 ____D () C:\Users\sandro\AppData\Local\Adobe 2015-03-18 16:36 - 2014-07-01 22:01 - 00000000 ____D () C:\Users\sandro\AppData\Local\Packages 2015-03-17 16:24 - 2014-07-01 22:03 - 00000074 _____ () C:\Users\sandro\AppData\Roaming\sp_data.sys 2015-03-17 16:23 - 2014-07-21 01:51 - 00000000 __RDO () C:\Users\sandro\OneDrive 2015-03-17 16:23 - 2014-07-01 22:10 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-17 12:15 - 2014-12-06 23:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-16 20:28 - 2015-02-03 17:27 - 00000132 _____ () C:\Users\sandro\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format 2015-03-14 16:20 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-03-13 11:19 - 2014-03-18 17:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-03-13 11:19 - 2014-03-18 16:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat 2015-03-13 11:19 - 2014-03-18 16:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat 2015-03-13 11:04 - 2013-08-22 21:46 - 00294911 _____ () C:\WINDOWS\setupact.log 2015-03-12 10:20 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\rescache 2015-03-11 10:50 - 2013-08-22 21:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-03-11 10:50 - 2013-08-22 21:44 - 00418248 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-03-11 10:48 - 2013-08-22 20:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-03-11 10:43 - 2013-08-22 22:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2015-03-11 10:43 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-11 10:43 - 2013-08-22 22:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-03-11 10:43 - 2013-08-22 22:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-11 10:43 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\WinStore 2015-03-11 10:43 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files\Windows Defender 2015-03-11 10:43 - 2013-08-22 22:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-03-11 10:32 - 2014-07-03 22:03 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2015-03-11 10:32 - 2014-07-01 22:34 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-03-11 10:32 - 2014-07-01 22:34 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-03-11 10:23 - 2012-07-26 14:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-03-11 10:12 - 2014-07-02 00:02 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-03-11 10:06 - 2014-07-02 00:02 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-03-09 16:34 - 2014-03-18 08:50 - 00029952 _____ () C:\WINDOWS\PFRO.log 2015-02-25 09:04 - 2014-07-01 22:13 - 00000000 ____D () C:\ProgramData\Skype 2015-02-25 09:03 - 2014-09-17 13:01 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-02-24 19:22 - 2015-01-07 09:14 - 00000000 ____D () C:\Users\sandro\AppData\Roaming\Kopsik 2015-02-24 19:16 - 2014-07-20 19:58 - 00000000 ____D () C:\Users\sandro 2015-02-24 18:49 - 2013-08-22 22:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2015-02-21 20:33 - 2013-04-26 06:18 - 00000000 ____D () C:\ProgramData\McAfee 2015-02-21 10:43 - 2012-07-26 15:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2015-02-21 10:42 - 2012-07-26 12:37 - 00000000 ____D () C:\Users\Default.migrated 2015-02-21 10:40 - 2014-11-03 19:50 - 00000000 ____D () C:\Users\sandro\AppData\Roaming\uTorrent ==================== Files in the root of some directories ======= 2015-02-03 17:27 - 2015-03-16 20:28 - 0000132 _____ () C:\Users\sandro\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format 2014-07-01 22:03 - 2015-03-17 16:24 - 0000074 _____ () C:\Users\sandro\AppData\Roaming\sp_data.sys 2014-11-24 13:16 - 2015-02-03 17:28 - 0001456 _____ () C:\Users\sandro\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2013-04-26 06:15 - 2012-09-07 18:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2013-04-26 06:15 - 2009-07-22 17:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2013-04-26 06:15 - 2012-09-07 18:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS Files to move or delete: ==================== C:\ProgramData\SetStretch.exe C:\ProgramData\SetStretch.VBS Some content of TEMP: ==================== C:\Users\sandro\AppData\Local\Temp\avgnt.exe C:\Users\sandro\AppData\Local\Temp\COMAP.EXE C:\Users\sandro\AppData\Local\Temp\readSTILog.dll C:\Users\sandro\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-11 11:01 ==================== End Of Log ============================ --- --- --- --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015 Ran by sandro at 2015-03-19 21:58:44 Running from C:\Users\sandro\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated) Adobe Premiere Elements 12 (HKLM\...\PremElem120) (Version: 12.0 - Adobe Systems Incorporated) Adobe Premiere Elements 12 (Version: 12.0 - Adobe Systems Incorporated) Hidden Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS) ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.0 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS) Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG) Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira) Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) LINE (HKLM-x32\...\LINE) (Version: 3.9.0.172 - LINE Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4623.1003 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-43689307-4263972533-1171794318-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla) Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla) MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden PRE12 STI 64Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden TogglDesktop (HKLM-x32\...\{994291FA-F8F2-4C87-A40B-F9CFB9E8587E}) (Version: 7.1.171 - Toggl) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden Windows Driver Package - ASUS (ATP) Mouse (05/09/2013 1.0.0.173) (HKLM\...\1016059FBF327ED9E3BAE758BD08CF10D3C6252D) (Version: 05/09/2013 1.0.0.173 - ASUS) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Zoiper (HKLM-x32\...\Zoiper) (Version: 3.6 - Securax LTD) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-43689307-4263972533-1171794318-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\sandro\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-43689307-4263972533-1171794318-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\sandro\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-43689307-4263972533-1171794318-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\sandro\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-43689307-4263972533-1171794318-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\sandro\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 25-02-2015 11:34:02 Windows Update 09-03-2015 09:10:48 Geplanter Prüfpunkt 19-03-2015 10:04:13 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 20:25 - 2013-08-22 20:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2222990E-99CA-47BB-8F77-735FD38E5172} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.) Task: {23A78E4D-1AAE-4CFB-A14E-9B131F71CA3D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-dallavalle@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated) Task: {28B80DBD-06F0-4C3C-B3FD-3381A7E8F033} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {4DAF6D52-012C-48F0-BE81-543132E5962F} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {589E5C04-A3D7-4AA8-911F-D7DCCFF38AE0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-05-13] (Microsoft Corporation) Task: {5B890108-3E45-4ECA-83C1-1904392F21E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-01] (Google Inc.) Task: {9031FC9B-9583-449A-9274-D890DAB72072} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-06-28] (AsusTek) Task: {9B6A3482-DE3E-47E7-8C1F-0880002E1D20} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS) Task: {A7918030-6AF4-4767-96A9-FE1B42F2568A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {B25CC78C-A420-4C01-BCEC-669160A202A5} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] () Task: {BBF9DB11-505D-472F-9DA7-953EFB489AD4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-11] (Microsoft Corporation) Task: {C7EFED28-5963-4CF7-9C54-E212EF66FE02} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-01] (Google Inc.) Task: {E95725DF-B4BD-47DE-81A4-46436CF2963C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS) Task: {ED0BD55E-0799-474C-BD1C-7F0CD3E58906} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] () Task: {F39790A5-5DE0-45BA-86CC-3E02212A0DC7} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2012-12-19 13:10 - 2012-12-19 13:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 2014-07-02 06:29 - 2013-10-31 23:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2012-08-24 23:26 - 2012-08-24 23:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2013-07-22 09:52 - 2012-12-14 05:14 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-03-10 09:38 - 2014-07-02 18:05 - 15730176 _____ () C:\Program Files (x86)\Zoiper\Zoiper.exe 2015-03-10 09:38 - 2013-10-01 15:42 - 00280064 _____ () C:\Program Files (x86)\Zoiper\Plugins\Generic.dll 2014-04-23 21:05 - 2014-04-23 21:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-04-23 21:04 - 2014-04-23 21:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-17 16:58 - 2012-06-25 16:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-02-25 10:23 - 2015-02-25 10:23 - 03348080 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2015-02-25 10:23 - 2015-02-25 10:23 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2015-02-25 10:23 - 2015-02-25 10:23 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\sandro\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-43689307-4263972533-1171794318-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sandro\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "iTunesHelper" ==================== Accounts: ============================= Administrator (S-1-5-21-43689307-4263972533-1171794318-500 - Administrator - Disabled) Gast (S-1-5-21-43689307-4263972533-1171794318-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-43689307-4263972533-1171794318-1005 - Limited - Enabled) sandro (S-1-5-21-43689307-4263972533-1171794318-1001 - Administrator - Enabled) => C:\Users\sandro ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/19/2015 07:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5241046 Error: (03/19/2015 07:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5241046 Error: (03/19/2015 07:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/19/2015 05:19:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9 Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53086d7c Ausnahmecode: 0xc0000005 Fehleroffset: 0x000499a8 ID des fehlerhaften Prozesses: 0x260c Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0 Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1 Pfad des fehlerhaften Moduls: IEXPLORE.EXE2 Berichtskennung: IEXPLORE.EXE3 Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5 Error: (03/18/2015 08:43:54 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (03/17/2015 00:24:14 PM) (Source: Avira Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.ComponentModel.Win32Exception (0x80004005): Key (Users\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) could not be opened Error: 87, Hive: Users, Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall bei Avira.OE.WinCore.Utility.RegistryValueWatcher.CheckResultAndThrowWin32Exception(Int32 result, String message) bei Avira.OE.WinCore.Utility.RegistryValueWatcher.OpenRegKey() bei Avira.OE.WinCore.Utility.RegistryValueWatcher.Start() bei Avira.OE.ServiceHost.AppInfoRepositoryFactory.CreateRegistryAppInfoRepository(RegistryHive registryHive, String registryPath, RegistryView registryView) bei Avira.OE.ServiceHost.DesktopApplications.UpdateUserAppInfoRepository(String userSid) bei Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid) bei Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason) bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription) bei S... Error: (03/15/2015 11:52:32 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (03/13/2015 09:49:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: TogglDesktop.exe, Version: 7.1.171.0, Zeitstempel: 0x54ad46ac Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb460 Ausnahmecode: 0xe0434352 Fehleroffset: 0x00012f71 ID des fehlerhaften Prozesses: 0x1760 Startzeit der fehlerhaften Anwendung: 0xTogglDesktop.exe0 Pfad der fehlerhaften Anwendung: TogglDesktop.exe1 Pfad des fehlerhaften Moduls: TogglDesktop.exe2 Berichtskennung: TogglDesktop.exe3 Vollständiger Name des fehlerhaften Pakets: TogglDesktop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TogglDesktop.exe5 Error: (03/13/2015 09:49:33 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: TogglDesktop.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.ArgumentNullException Stapel: bei System.Linq.Enumerable.Select[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,System.__Canon>) bei Bugsnag.Library.BugSnag.ProcessExceptions(System.Collections.Generic.List`1<System.Exception>, System.String, System.String, System.Object) bei Bugsnag.Library.BugSnag.Notify(System.Collections.Generic.List`1<System.Exception>, System.String, System.String, System.Object) bei Bugsnag.Library.BugSnag.Notify(System.Exception, System.String, System.String, System.Object) bei TogglDesktop.Program.notifyBugsnag(System.Exception) bei TogglDesktop.Program.<Main>b__2(System.String, Boolean) bei TogglDesktop.Toggl+DisplayError.Invoke(System.String, Boolean) bei TogglDesktop.Toggl.<Start>b__1(System.String, Boolean) Error: (03/13/2015 09:49:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: TogglDesktop.exe, Version: 7.1.171.0, Zeitstempel: 0x54ad46ac Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb460 Ausnahmecode: 0xe0434352 Fehleroffset: 0x00012f71 ID des fehlerhaften Prozesses: 0xd08 Startzeit der fehlerhaften Anwendung: 0xTogglDesktop.exe0 Pfad der fehlerhaften Anwendung: TogglDesktop.exe1 Pfad des fehlerhaften Moduls: TogglDesktop.exe2 Berichtskennung: TogglDesktop.exe3 Vollständiger Name des fehlerhaften Pakets: TogglDesktop.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TogglDesktop.exe5 System errors: ============= Error: (03/19/2015 08:26:50 PM) (Source: Tcpip) (EventID: 4199) (User: ) Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.1.35 mit dem Computer mit der Netzwerkhardwareadresse 90-EF-68-66-8A-FC ermittelt. Netzwerkvorgänge könnten daher auf diesem System unterbrochen werden. Error: (03/19/2015 07:58:06 PM) (Source: iaStorA) (EventID: 4102) (User: ) Description: Error log: Smart event occured on disk :TMA51C4T0LJ74L Error: (03/19/2015 09:34:23 AM) (Source: iaStorA) (EventID: 4102) (User: ) Description: Error log: Smart event occured on disk :TMA51C4T0LJ74L Error: (03/18/2015 11:22:35 PM) (Source: iaStorA) (EventID: 4102) (User: ) Description: Error log: Smart event occured on disk :TMA51C4T0LJ74L Error: (03/18/2015 11:13:09 PM) (Source: iaStorA) (EventID: 4102) (User: ) Description: Error log: Smart event occured on disk :TMA51C4T0LJ74L Error: (03/18/2015 11:18:39 AM) (Source: Ntfs) (EventID: 138) (User: ) Description: Bei "C:\" wurde vom Transaktionsressourcen-Manager ein schwerwiegender Fehler festgestellt, und er wurde heruntergefahren. Der Fehlercode ist in den Daten enthalten. Error: (03/18/2015 10:13:08 AM) (Source: iaStorA) (EventID: 4102) (User: ) Description: Error log: Smart event occured on disk :TMA51C4T0LJ74L Error: (03/18/2015 08:43:55 AM) (Source: iaStorA) (EventID: 4102) (User: ) Description: Error log: Smart event occured on disk :TMA51C4T0LJ74L Error: (03/17/2015 11:01:27 PM) (Source: iaStorA) (EventID: 4102) (User: ) Description: Error log: Smart event occured on disk :TMA51C4T0LJ74L Error: (03/17/2015 07:45:57 PM) (Source: iaStorA) (EventID: 4102) (User: ) Description: Error log: Smart event occured on disk :TMA51C4T0LJ74L Microsoft Office Sessions: ========================= Error: (03/19/2015 07:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5241046 Error: (03/19/2015 07:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5241046 Error: (03/19/2015 07:58:10 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/19/2015 05:19:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: IEXPLORE.EXE11.0.9600.174165452eed9combase.dll6.3.9600.1703153086d7cc0000005000499a8260c01d0622cce90b033C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\combase.dll6d57e312-ce21-11e4-bea1-d850e60a57b7 Error: (03/18/2015 08:43:54 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (03/17/2015 00:24:14 PM) (Source: Avira Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.ComponentModel.Win32Exception (0x80004005): Key (Users\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) could not be opened Error: 87, Hive: Users, Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall bei Avira.OE.WinCore.Utility.RegistryValueWatcher.CheckResultAndThrowWin32Exception(Int32 result, String message) bei Avira.OE.WinCore.Utility.RegistryValueWatcher.OpenRegKey() bei Avira.OE.WinCore.Utility.RegistryValueWatcher.Start() bei Avira.OE.ServiceHost.AppInfoRepositoryFactory.CreateRegistryAppInfoRepository(RegistryHive registryHive, String registryPath, RegistryView registryView) bei Avira.OE.ServiceHost.DesktopApplications.UpdateUserAppInfoRepository(String userSid) bei Avira.OE.ServiceHost.DesktopApplications.UpdateOnNewUserSid(String userSid) bei Avira.OE.ServiceHost.DesktopApplications.OnSessionChange(Int32 sessionId, SessionChangeReason reason) bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription) bei S... Error: (03/15/2015 11:52:32 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (03/13/2015 09:49:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: TogglDesktop.exe7.1.171.054ad46acKERNELBASE.dll6.3.9600.1727853eeb460e043435200012f71176001d05d3853113eccC:\Program Files (x86)\Toggl\TogglDesktop\TogglDesktop.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll93cbdd58-c92b-11e4-bea1-d850e60a57b7 Error: (03/13/2015 09:49:33 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: TogglDesktop.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.ArgumentNullException Stapel: bei System.Linq.Enumerable.Select[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,System.__Canon>) bei Bugsnag.Library.BugSnag.ProcessExceptions(System.Collections.Generic.List`1<System.Exception>, System.String, System.String, System.Object) bei Bugsnag.Library.BugSnag.Notify(System.Collections.Generic.List`1<System.Exception>, System.String, System.String, System.Object) bei Bugsnag.Library.BugSnag.Notify(System.Exception, System.String, System.String, System.Object) bei TogglDesktop.Program.notifyBugsnag(System.Exception) bei TogglDesktop.Program.<Main>b__2(System.String, Boolean) bei TogglDesktop.Toggl+DisplayError.Invoke(System.String, Boolean) bei TogglDesktop.Toggl.<Start>b__1(System.String, Boolean) Error: (03/13/2015 09:49:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: TogglDesktop.exe7.1.171.054ad46acKERNELBASE.dll6.3.9600.1727853eeb460e043435200012f71d0801d05d3846c1d7ceC:\Program Files (x86)\Toggl\TogglDesktop\TogglDesktop.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll896c32f1-c92b-11e4-bea1-d850e60a57b7 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz Percentage of memory in use: 29% Total physical RAM: 8077.74 MB Available physical RAM: 5677.13 MB Total Pagefile: 9357.74 MB Available Pagefile: 6539.1 MB Total Virtual: 131072 MB Available Virtual: 131071.78 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.52 GB) (Free:133.55 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (DATA) (Fixed) (Total:258.34 GB) (Free:258.22 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 568814A2) Partition: GPT Partition Type. ==================== End Of Log ============================ Geändert von sdv (19.03.2015 um 16:02 Uhr) |
19.03.2015, 21:25 | #4 |
/// the machine /// TB-Ausbilder | Phishing mail Link geklickt hi, Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
20.03.2015, 03:56 | #5 |
| Phishing mail Link geklickt hi und vielen dank für die rasche hilfe! hat das mit dem Link klicken demfall schon gereicht um infiziert zu werden? nun sehe ich, dass die mbar beim scan immer hängenbleibt! und zwar bei der Datei C:\PROGRAMM FILES (X86)\ASUS\APRP\APRP.EXE ich kann dann nichts mehr machen und wenn ich den scan abbreche, um den scan nochmals zu starten hängt sich die mbar auf! was soll ich tun? |
20.03.2015, 06:57 | #6 |
/// the machine /// TB-Ausbilder | Phishing mail Link geklickt Lass MBAR weg und mach TDSSKiller. In der REgel reicht das Klicken nicht. Aber sicher ist sicher
__________________ --> Phishing mail Link geklickt |
20.03.2015, 08:57 | #7 |
| Phishing mail Link geklickt 14:48:45.0628 0x1584 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 14:48:45.0628 0x1584 UEFI system 14:50:34.0354 0x1584 ============================================================ 14:50:34.0354 0x1584 Current date / time: 2015/03/20 14:50:34.0354 14:50:34.0354 0x1584 SystemInfo: 14:50:34.0354 0x1584 14:50:34.0354 0x1584 OS Version: 6.3.9600 ServicePack: 0.0 14:50:34.0354 0x1584 Product type: Workstation 14:50:34.0354 0x1584 ComputerName: YUTTAPOOM 14:50:34.0354 0x1584 UserName: sandro 14:50:34.0354 0x1584 Windows directory: C:\WINDOWS 14:50:34.0354 0x1584 System windows directory: C:\WINDOWS 14:50:34.0354 0x1584 Running under WOW64 14:50:34.0354 0x1584 Processor architecture: Intel x64 14:50:34.0354 0x1584 Number of processors: 4 14:50:34.0354 0x1584 Page size: 0x1000 14:50:34.0354 0x1584 Boot type: Normal boot 14:50:34.0354 0x1584 ============================================================ 14:50:34.0745 0x1584 KLMD registered as C:\WINDOWS\system32\drivers\50757168.sys 14:50:37.0221 0x1584 System UUID: {B3F0A032-9C84-5D5D-81AC-D314AC5EB612} 14:50:39.0959 0x1584 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:50:40.0064 0x1584 ============================================================ 14:50:40.0064 0x1584 \Device\Harddisk0\DR0: 14:50:40.0064 0x1584 GPT partitions: 14:50:40.0065 0x1584 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C1223879-9ED5-4DD7-98A5-3BBE87DE0300}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000 14:50:40.0065 0x1584 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {58FA7EF7-1D60-4EDF-B905-AC3848736E2F}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000 14:50:40.0065 0x1584 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4757782B-C8C7-42C3-B5D1-5EACDFF5A295}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000 14:50:40.0065 0x1584 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {ACC52C4D-EEF3-457F-81DE-2E6899C0DB64}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x1730C000 14:50:40.0065 0x1584 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4F9E8724-E684-4A05-BED6-C6D1B522FF5B}, Name: , StartLBA 0x17540800, BlocksNum 0xE1000 14:50:40.0065 0x1584 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {61CA1E29-0292-412F-A5A0-BC2697D03884}, Name: , StartLBA 0x17621800, BlocksNum 0xAF000 14:50:40.0065 0x1584 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {51D8070B-C155-4AE1-82EC-E34C74E85B9D}, Name: Basic data partition, StartLBA 0x176D0800, BlocksNum 0x204B0800 14:50:40.0065 0x1584 \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {122D0591-5CAE-47D8-B5DF-94764B00401D}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000 14:50:40.0065 0x1584 MBR partitions: 14:50:40.0065 0x1584 ============================================================ 14:50:40.0147 0x1584 C: <-> \Device\Harddisk0\DR0\Partition4 14:50:40.0246 0x1584 D: <-> \Device\Harddisk0\DR0\Partition7 14:50:40.0246 0x1584 ============================================================ 14:50:40.0246 0x1584 Initialize success 14:50:40.0246 0x1584 ============================================================ 14:52:37.0364 0x0ccc ============================================================ 14:52:37.0364 0x0ccc Scan started 14:52:37.0364 0x0ccc Mode: Manual; SigCheck; TDLFS; 14:52:37.0364 0x0ccc ============================================================ 14:52:37.0364 0x0ccc KSN ping started 14:52:37.0805 0x0ccc KSN ping finished: true 14:52:42.0854 0x0ccc ================ Scan system memory ======================== 14:52:42.0854 0x0ccc System memory - ok 14:52:42.0854 0x0ccc ================ Scan services ============================= 14:52:43.0183 0x0ccc [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 14:52:43.0277 0x0ccc 1394ohci - ok 14:52:43.0293 0x0ccc [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 14:52:43.0308 0x0ccc 3ware - ok 14:52:43.0402 0x0ccc [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 14:52:43.0418 0x0ccc ACPI - ok 14:52:43.0449 0x0ccc [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 14:52:43.0449 0x0ccc acpiex - ok 14:52:43.0480 0x0ccc [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 14:52:43.0496 0x0ccc acpipagr - ok 14:52:43.0542 0x0ccc [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 14:52:43.0587 0x0ccc AcpiPmi - ok 14:52:43.0603 0x0ccc [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 14:52:43.0618 0x0ccc acpitime - ok 14:52:43.0696 0x0ccc [ 4BA3BFF03B1A10E49B590BE3C4D79C10, 54D0159ACD6FB93EE08CBB2C7BA13DC3ECD131EE26E07E53040FB3976CC4FBAE ] AdobeActiveFileMonitor12.0 C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe 14:52:43.0712 0x0ccc AdobeActiveFileMonitor12.0 - ok 14:52:43.0759 0x0ccc [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 14:52:43.0775 0x0ccc ADP80XX - ok 14:52:43.0806 0x0ccc [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 14:52:43.0900 0x0ccc AeLookupSvc - ok 14:52:43.0993 0x0ccc [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys 14:52:44.0087 0x0ccc AFD - ok 14:52:44.0118 0x0ccc [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 14:52:44.0118 0x0ccc agp440 - ok 14:52:44.0150 0x0ccc [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 14:52:44.0196 0x0ccc ahcache - ok 14:52:44.0228 0x0ccc [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger C:\WINDOWS\system32\DRIVERS\AiCharger.sys 14:52:44.0228 0x0ccc AiCharger - ok 14:52:44.0259 0x0ccc [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe 14:52:44.0306 0x0ccc ALG - ok 14:52:44.0321 0x0ccc [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 14:52:44.0353 0x0ccc AmdK8 - ok 14:52:44.0368 0x0ccc [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 14:52:44.0400 0x0ccc AmdPPM - ok 14:52:44.0415 0x0ccc [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 14:52:44.0431 0x0ccc amdsata - ok 14:52:44.0462 0x0ccc [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 14:52:44.0478 0x0ccc amdsbs - ok 14:52:44.0493 0x0ccc [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 14:52:44.0509 0x0ccc amdxata - ok 14:52:44.0665 0x0ccc [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 14:52:44.0681 0x0ccc AntiVirSchedulerService - ok 14:52:44.0696 0x0ccc [ 624D29E2D70F83147A79043FD0024D1D, 8B9D4692529155893E3E73E2CF1B0A36354C7032C9524FDCBC5D57562F7F0342 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 14:52:44.0712 0x0ccc AntiVirService - ok 14:52:44.0743 0x0ccc [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys 14:52:44.0775 0x0ccc AppID - ok 14:52:44.0806 0x0ccc [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 14:52:44.0837 0x0ccc AppIDSvc - ok 14:52:44.0868 0x0ccc [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\WINDOWS\System32\appinfo.dll 14:52:44.0900 0x0ccc Appinfo - ok 14:52:44.0946 0x0ccc [ 608D6A90E989C6522F170E5526A64BF4, 36EDD07DF6BD2D20121F63CF720C289FCCF7C53574D37F99C2F9ED68298D655B ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:52:44.0962 0x0ccc Apple Mobile Device - ok 14:52:44.0993 0x0ccc [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 14:52:45.0056 0x0ccc AppReadiness - ok 14:52:45.0103 0x0ccc [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 14:52:45.0189 0x0ccc AppXSvc - ok 14:52:45.0220 0x0ccc [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 14:52:45.0220 0x0ccc arcsas - ok 14:52:45.0298 0x0ccc [ E40AF754F43E3B44E2D6DE829267AD52, 5F9427E595A56464807D071205FB4DFD6BB21B68058E67529DC1727D32FAB0AD ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe 14:52:45.0314 0x0ccc ASLDRService - ok 14:52:45.0314 0x0ccc [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 14:52:45.0314 0x0ccc ASMMAP64 - ok 14:52:45.0345 0x0ccc [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe 14:52:45.0360 0x0ccc ASUS InstantOn - ok 14:52:45.0392 0x0ccc [ AAE374280DDC307061A43ED9FAD1AD57, BFBE60D67B4283868D148C38502689FFE52CC7F13F4294E21F47B37D14FB5821 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe 14:52:45.0407 0x0ccc Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 ) 14:52:46.0032 0x0ccc Detect skipped due to KSN trusted 14:52:46.0032 0x0ccc Asus WebStorage Windows Service - ok 14:52:46.0079 0x0ccc [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 14:52:46.0110 0x0ccc atapi - ok 14:52:46.0329 0x0ccc [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys 14:52:46.0454 0x0ccc athr - ok 14:52:46.0501 0x0ccc [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe 14:52:46.0517 0x0ccc ATKGFNEXSrv - ok 14:52:46.0533 0x0ccc [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 14:52:46.0548 0x0ccc ATKWMIACPIIO - ok 14:52:46.0595 0x0ccc [ 74D09AC81A7BD9E5361B3F623F78608A, D97271ED81F7408892CDDFC00168FF0000E6507B46A0197B1FB81F86B9034C9F ] ATP C:\WINDOWS\System32\drivers\AsusTP.sys 14:52:46.0595 0x0ccc ATP - ok 14:52:46.0626 0x0ccc [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 14:52:46.0704 0x0ccc AudioEndpointBuilder - ok 14:52:46.0736 0x0ccc [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 14:52:46.0767 0x0ccc Audiosrv - ok 14:52:46.0798 0x0ccc [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 14:52:46.0798 0x0ccc avgntflt - ok 14:52:46.0829 0x0ccc [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 14:52:46.0845 0x0ccc avipbb - ok 14:52:46.0892 0x0ccc [ 523EBA6B6124EC416FF35A37BB47C30A, D2C545BB78E91ECCD3FFACFB524D03DFD5E277871A2500164F3602445A8A86FA ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe 14:52:46.0908 0x0ccc Avira.OE.ServiceHost - ok 14:52:46.0923 0x0ccc [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 14:52:46.0923 0x0ccc avkmgr - ok 14:52:46.0970 0x0ccc [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 14:52:47.0001 0x0ccc AxInstSV - ok 14:52:47.0048 0x0ccc [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 14:52:47.0064 0x0ccc b06bdrv - ok 14:52:47.0126 0x0ccc [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 14:52:47.0173 0x0ccc BasicDisplay - ok 14:52:47.0204 0x0ccc [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 14:52:47.0251 0x0ccc BasicRender - ok 14:52:47.0267 0x0ccc [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 14:52:47.0267 0x0ccc bcmfn2 - ok 14:52:47.0298 0x0ccc [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 14:52:47.0345 0x0ccc BDESVC - ok 14:52:47.0392 0x0ccc [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 14:52:47.0423 0x0ccc Beep - ok 14:52:47.0470 0x0ccc [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll 14:52:47.0517 0x0ccc BFE - ok 14:52:47.0564 0x0ccc [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll 14:52:47.0642 0x0ccc BITS - ok 14:52:47.0704 0x0ccc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 14:52:47.0720 0x0ccc Bonjour Service - ok 14:52:47.0736 0x0ccc [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 14:52:47.0783 0x0ccc bowser - ok 14:52:47.0814 0x0ccc [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 14:52:47.0845 0x0ccc BrokerInfrastructure - ok 14:52:47.0876 0x0ccc [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\WINDOWS\System32\browser.dll 14:52:47.0908 0x0ccc Browser - ok 14:52:47.0939 0x0ccc [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 14:52:47.0955 0x0ccc BthAvrcpTg - ok 14:52:47.0986 0x0ccc [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 14:52:48.0001 0x0ccc BthHFEnum - ok 14:52:48.0001 0x0ccc [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 14:52:48.0017 0x0ccc bthhfhid - ok 14:52:48.0048 0x0ccc [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 14:52:48.0079 0x0ccc BTHMODEM - ok 14:52:48.0111 0x0ccc [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll 14:52:48.0126 0x0ccc bthserv - ok 14:52:48.0126 0x0ccc [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 14:52:48.0173 0x0ccc cdfs - ok 14:52:48.0189 0x0ccc [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 14:52:48.0204 0x0ccc cdrom - ok 14:52:48.0220 0x0ccc [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 14:52:48.0267 0x0ccc CertPropSvc - ok 14:52:48.0298 0x0ccc [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 14:52:48.0314 0x0ccc circlass - ok 14:52:48.0345 0x0ccc [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 14:52:48.0361 0x0ccc CLFS - ok 14:52:48.0564 0x0ccc [ 6FBAED1D15BF7FE648CE0888F8DA034D, B593937DF1A00306816D19D4CBE8F253D6C24E22FF0AE1B88784CB7CC9AA6AB7 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 14:52:48.0611 0x0ccc ClickToRunSvc - ok 14:52:48.0658 0x0ccc [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 14:52:48.0689 0x0ccc CmBatt - ok 14:52:48.0830 0x0ccc [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 14:52:48.0845 0x0ccc CNG - ok 14:52:48.0876 0x0ccc [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 14:52:48.0955 0x0ccc CompositeBus - ok 14:52:48.0955 0x0ccc COMSysApp - ok 14:52:48.0970 0x0ccc [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 14:52:48.0986 0x0ccc condrv - ok 14:52:49.0095 0x0ccc [ F9693D45B0F1B346CCDEEC1F341AD389, 342C81EFB434EAC29865F8BB049051635C644D7EF355D0F5FB3ADD9DDCE55D82 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 14:52:49.0095 0x0ccc cphs - ok 14:52:49.0189 0x0ccc [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 14:52:49.0251 0x0ccc CryptSvc - ok 14:52:49.0314 0x0ccc [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 14:52:49.0314 0x0ccc dam - ok 14:52:49.0439 0x0ccc [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 14:52:49.0502 0x0ccc DcomLaunch - ok 14:52:49.0549 0x0ccc [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 14:52:49.0580 0x0ccc defragsvc - ok 14:52:49.0627 0x0ccc [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll 14:52:49.0720 0x0ccc DeviceAssociationService - ok 14:52:49.0783 0x0ccc [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 14:52:49.0877 0x0ccc DeviceInstall - ok 14:52:49.0955 0x0ccc [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 14:52:50.0064 0x0ccc Dfsc - ok 14:52:50.0127 0x0ccc [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 14:52:50.0174 0x0ccc Dhcp - ok 14:52:50.0189 0x0ccc [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 14:52:50.0205 0x0ccc disk - ok 14:52:50.0220 0x0ccc [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 14:52:50.0267 0x0ccc dmvsc - ok 14:52:50.0299 0x0ccc [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 14:52:50.0314 0x0ccc Dnscache - ok 14:52:50.0345 0x0ccc [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll 14:52:50.0377 0x0ccc dot3svc - ok 14:52:50.0392 0x0ccc [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll 14:52:50.0439 0x0ccc DPS - ok 14:52:50.0470 0x0ccc [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 14:52:50.0470 0x0ccc drmkaud - ok 14:52:50.0502 0x0ccc [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 14:52:50.0533 0x0ccc DsmSvc - ok 14:52:50.0595 0x0ccc [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 14:52:50.0642 0x0ccc DXGKrnl - ok 14:52:50.0674 0x0ccc [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll 14:52:50.0689 0x0ccc Eaphost - ok 14:52:50.0799 0x0ccc [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 14:52:50.0924 0x0ccc ebdrv - ok 14:52:50.0939 0x0ccc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe 14:52:50.0955 0x0ccc EFS - ok 14:52:50.0986 0x0ccc [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 14:52:50.0986 0x0ccc EhStorClass - ok 14:52:51.0017 0x0ccc [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 14:52:51.0033 0x0ccc EhStorTcgDrv - ok 14:52:51.0064 0x0ccc [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 14:52:51.0095 0x0ccc ErrDev - ok 14:52:51.0142 0x0ccc [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll 14:52:51.0189 0x0ccc EventSystem - ok 14:52:51.0220 0x0ccc [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 14:52:51.0236 0x0ccc exfat - ok 14:52:51.0267 0x0ccc [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 14:52:51.0283 0x0ccc fastfat - ok 14:52:51.0345 0x0ccc [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe 14:52:51.0436 0x0ccc Fax - ok 14:52:51.0451 0x0ccc [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 14:52:51.0467 0x0ccc fdc - ok 14:52:51.0482 0x0ccc [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll 14:52:51.0514 0x0ccc fdPHost - ok 14:52:51.0529 0x0ccc [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll 14:52:51.0545 0x0ccc FDResPub - ok 14:52:51.0576 0x0ccc [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll 14:52:51.0607 0x0ccc fhsvc - ok 14:52:51.0639 0x0ccc [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 14:52:51.0654 0x0ccc FileInfo - ok 14:52:51.0654 0x0ccc [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 14:52:51.0686 0x0ccc Filetrace - ok 14:52:51.0701 0x0ccc [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 14:52:51.0732 0x0ccc flpydisk - ok 14:52:51.0764 0x0ccc [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 14:52:51.0779 0x0ccc FltMgr - ok 14:52:51.0842 0x0ccc [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll 14:52:51.0920 0x0ccc FontCache - ok 14:52:52.0029 0x0ccc [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:52:52.0045 0x0ccc FontCache3.0.0.0 - ok 14:52:52.0061 0x0ccc [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 14:52:52.0076 0x0ccc FsDepends - ok 14:52:52.0076 0x0ccc [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 14:52:52.0092 0x0ccc Fs_Rec - ok 14:52:52.0139 0x0ccc [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 14:52:52.0154 0x0ccc fvevol - ok 14:52:52.0170 0x0ccc [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 14:52:52.0217 0x0ccc FxPPM - ok 14:52:52.0248 0x0ccc [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 14:52:52.0264 0x0ccc gagp30kx - ok 14:52:52.0326 0x0ccc [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 14:52:52.0326 0x0ccc GamesAppService - ok 14:52:52.0373 0x0ccc [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 14:52:52.0373 0x0ccc GEARAspiWDM - ok 14:52:52.0404 0x0ccc [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 14:52:52.0420 0x0ccc gencounter - ok 14:52:52.0451 0x0ccc [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 14:52:52.0467 0x0ccc GPIOClx0101 - ok 14:52:52.0514 0x0ccc [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 14:52:52.0576 0x0ccc gpsvc - ok 14:52:52.0623 0x0ccc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:52:52.0623 0x0ccc gupdate - ok 14:52:52.0639 0x0ccc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:52:52.0639 0x0ccc gupdatem - ok 14:52:52.0670 0x0ccc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 14:52:52.0717 0x0ccc HDAudBus - ok 14:52:52.0733 0x0ccc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 14:52:52.0748 0x0ccc HidBatt - ok 14:52:52.0780 0x0ccc [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 14:52:52.0811 0x0ccc HidBth - ok 14:52:52.0842 0x0ccc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 14:52:52.0842 0x0ccc hidi2c - ok 14:52:52.0889 0x0ccc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 14:52:52.0905 0x0ccc HidIr - ok 14:52:52.0936 0x0ccc [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll 14:52:52.0936 0x0ccc hidserv - ok 14:52:52.0983 0x0ccc [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys 14:52:52.0983 0x0ccc HIDSwitch - ok 14:52:53.0045 0x0ccc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 14:52:53.0076 0x0ccc HidUsb - ok 14:52:53.0108 0x0ccc [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 14:52:53.0123 0x0ccc hkmsvc - ok 14:52:53.0155 0x0ccc [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 14:52:53.0201 0x0ccc HomeGroupListener - ok 14:52:53.0233 0x0ccc [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 14:52:53.0280 0x0ccc HomeGroupProvider - ok 14:52:53.0311 0x0ccc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 14:52:53.0326 0x0ccc HpSAMD - ok 14:52:53.0373 0x0ccc [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 14:52:53.0405 0x0ccc HTTP - ok 14:52:53.0436 0x0ccc [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 14:52:53.0436 0x0ccc hwpolicy - ok 14:52:53.0467 0x0ccc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 14:52:53.0498 0x0ccc hyperkbd - ok 14:52:53.0514 0x0ccc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 14:52:53.0530 0x0ccc HyperVideo - ok 14:52:53.0545 0x0ccc [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 14:52:53.0561 0x0ccc i8042prt - ok 14:52:53.0592 0x0ccc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 14:52:53.0608 0x0ccc iaLPSSi_GPIO - ok 14:52:53.0623 0x0ccc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 14:52:53.0623 0x0ccc iaLPSSi_I2C - ok 14:52:53.0670 0x0ccc [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 14:52:53.0686 0x0ccc iaStorA - ok 14:52:53.0733 0x0ccc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 14:52:53.0748 0x0ccc iaStorAV - ok 14:52:53.0780 0x0ccc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 14:52:53.0795 0x0ccc iaStorV - ok 14:52:53.0905 0x0ccc [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 14:52:53.0905 0x0ccc ICCS - ok 14:52:54.0108 0x0ccc [ ACD1812E8A531E1CEA09BA3991371E48, 87CAE32D26A36B0AEF8EC884CDFE3E6A572C9330206E004BD63423ED00BB5A62 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 14:52:54.0155 0x0ccc IconMan_R - ok 14:52:54.0170 0x0ccc IEEtwCollectorService - ok 14:52:54.0295 0x0ccc [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 14:52:54.0421 0x0ccc igfx - ok 14:52:54.0468 0x0ccc [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll 14:52:54.0514 0x0ccc IKEEXT - ok 14:52:54.0546 0x0ccc [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 14:52:54.0546 0x0ccc intaud_WaveExtensible - ok 14:52:54.0671 0x0ccc [ 6C7970A8E0546A4D9466E0045C7DB199, 70F2D58514C8E1A1E10B833236213F87F34AEB06ACC0D4C0DF61FCD69F8F1E07 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 14:52:54.0749 0x0ccc IntcAzAudAddService - ok 14:52:54.0780 0x0ccc [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 14:52:54.0827 0x0ccc IntcDAud - ok 14:52:54.0905 0x0ccc [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 14:52:54.0921 0x0ccc Intel(R) Capability Licensing Service Interface - ok 14:52:54.0983 0x0ccc [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 14:52:54.0983 0x0ccc Intel(R) ME Service - ok 14:52:55.0015 0x0ccc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 14:52:55.0015 0x0ccc intelide - ok 14:52:55.0046 0x0ccc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 14:52:55.0061 0x0ccc intelpep - ok 14:52:55.0077 0x0ccc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 14:52:55.0108 0x0ccc intelppm - ok 14:52:55.0108 0x0ccc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 14:52:55.0140 0x0ccc IpFilterDriver - ok 14:52:55.0186 0x0ccc [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 14:52:55.0233 0x0ccc iphlpsvc - ok 14:52:55.0249 0x0ccc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 14:52:55.0296 0x0ccc IPMIDRV - ok 14:52:55.0343 0x0ccc [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 14:52:55.0390 0x0ccc IPNAT - ok 14:52:55.0436 0x0ccc [ 635F7587F7576AA14871B850EB95BFB8, 75CB8F4D511964BB9104E93EF31D2DDF1227DACE1EDB9DE25AE9719835B6C34B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 14:52:55.0452 0x0ccc iPod Service - ok 14:52:55.0468 0x0ccc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 14:52:55.0483 0x0ccc IRENUM - ok 14:52:55.0515 0x0ccc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 14:52:55.0515 0x0ccc isapnp - ok 14:52:55.0561 0x0ccc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 14:52:55.0577 0x0ccc iScsiPrt - ok 14:52:55.0593 0x0ccc [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 14:52:55.0593 0x0ccc iwdbus - ok 14:52:55.0624 0x0ccc [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 14:52:55.0640 0x0ccc jhi_service - ok 14:52:55.0655 0x0ccc [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 14:52:55.0655 0x0ccc kbdclass - ok 14:52:55.0671 0x0ccc [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 14:52:55.0702 0x0ccc kbdhid - ok 14:52:55.0733 0x0ccc [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr C:\WINDOWS\System32\drivers\kbfiltr.sys 14:52:55.0733 0x0ccc kbfiltr - ok 14:52:55.0733 0x0ccc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 14:52:55.0765 0x0ccc kdnic - ok 14:52:55.0780 0x0ccc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe 14:52:55.0796 0x0ccc KeyIso - ok 14:52:55.0811 0x0ccc [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 14:52:55.0811 0x0ccc KSecDD - ok 14:52:55.0843 0x0ccc [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 14:52:55.0858 0x0ccc KSecPkg - ok 14:52:55.0874 0x0ccc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 14:52:55.0890 0x0ccc ksthunk - ok 14:52:55.0921 0x0ccc [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 14:52:55.0936 0x0ccc KtmRm - ok 14:52:55.0983 0x0ccc [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 14:52:56.0030 0x0ccc LanmanServer - ok 14:52:56.0061 0x0ccc [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 14:52:56.0077 0x0ccc LanmanWorkstation - ok 14:52:56.0124 0x0ccc [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 14:52:56.0171 0x0ccc lfsvc - ok 14:52:56.0202 0x0ccc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 14:52:56.0233 0x0ccc lltdio - ok 14:52:56.0249 0x0ccc [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 14:52:56.0280 0x0ccc lltdsvc - ok 14:52:56.0296 0x0ccc [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 14:52:56.0327 0x0ccc lmhosts - ok 14:52:56.0374 0x0ccc [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 14:52:56.0374 0x0ccc LMS - ok 14:52:56.0405 0x0ccc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 14:52:56.0421 0x0ccc LSI_SAS - ok 14:52:56.0436 0x0ccc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 14:52:56.0452 0x0ccc LSI_SAS2 - ok 14:52:56.0468 0x0ccc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 14:52:56.0468 0x0ccc LSI_SAS3 - ok 14:52:56.0483 0x0ccc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 14:52:56.0499 0x0ccc LSI_SSS - ok 14:52:56.0530 0x0ccc [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll 14:52:56.0593 0x0ccc LSM - ok 14:52:56.0640 0x0ccc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 14:52:56.0655 0x0ccc luafv - ok 14:52:56.0686 0x0ccc [ 478CC94C937D235CB0A96AB8F2359D81, 1877AF93FD777F0D5BC02C0CD6E806A165991B6C77D424B13D2D77F8F9D1EFCC ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys 14:52:56.0686 0x0ccc mbamchameleon - ok 14:52:56.0718 0x0ccc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 14:52:56.0733 0x0ccc megasas - ok 14:52:56.0749 0x0ccc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 14:52:56.0780 0x0ccc megasr - ok 14:52:56.0811 0x0ccc [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 14:52:56.0811 0x0ccc MEIx64 - ok 14:52:56.0843 0x0ccc [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll 14:52:56.0874 0x0ccc MMCSS - ok 14:52:56.0921 0x0ccc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 14:52:56.0936 0x0ccc Modem - ok 14:52:56.0952 0x0ccc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 14:52:56.0983 0x0ccc monitor - ok 14:52:56.0999 0x0ccc [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 14:52:57.0015 0x0ccc mouclass - ok 14:52:57.0015 0x0ccc [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 14:52:57.0030 0x0ccc mouhid - ok 14:52:57.0030 0x0ccc [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 14:52:57.0046 0x0ccc mountmgr - ok 14:52:57.0077 0x0ccc [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:52:57.0093 0x0ccc MozillaMaintenance - ok 14:52:57.0108 0x0ccc [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 14:52:57.0140 0x0ccc mpsdrv - ok 14:52:57.0171 0x0ccc [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 14:52:57.0218 0x0ccc MpsSvc - ok 14:52:57.0233 0x0ccc [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 14:52:57.0265 0x0ccc MRxDAV - ok 14:52:57.0296 0x0ccc [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 14:52:57.0343 0x0ccc mrxsmb - ok 14:52:57.0358 0x0ccc [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 14:52:57.0390 0x0ccc mrxsmb10 - ok 14:52:57.0421 0x0ccc [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 14:52:57.0452 0x0ccc mrxsmb20 - ok 14:52:57.0468 0x0ccc [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 14:52:57.0531 0x0ccc MsBridge - ok 14:52:57.0546 0x0ccc [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe 14:52:57.0577 0x0ccc MSDTC - ok 14:52:57.0593 0x0ccc [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 14:52:57.0624 0x0ccc Msfs - ok 14:52:57.0640 0x0ccc [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 14:52:57.0656 0x0ccc msgpiowin32 - ok 14:52:57.0671 0x0ccc [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 14:52:57.0687 0x0ccc mshidkmdf - ok 14:52:57.0687 0x0ccc [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 14:52:57.0718 0x0ccc mshidumdf - ok 14:52:57.0749 0x0ccc [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 14:52:57.0765 0x0ccc msisadrv - ok 14:52:57.0795 0x0ccc [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 14:52:57.0798 0x0ccc MSiSCSI - ok 14:52:57.0798 0x0ccc msiserver - ok 14:52:57.0829 0x0ccc [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 14:52:57.0845 0x0ccc MSKSSRV - ok 14:52:57.0876 0x0ccc [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 14:52:57.0892 0x0ccc MsLldp - ok 14:52:57.0907 0x0ccc [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 14:52:57.0939 0x0ccc MSPCLOCK - ok 14:52:57.0939 0x0ccc [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 14:52:57.0970 0x0ccc MSPQM - ok 14:52:58.0001 0x0ccc [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 14:52:58.0017 0x0ccc MsRPC - ok 14:52:58.0017 0x0ccc [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 14:52:58.0032 0x0ccc mssmbios - ok 14:52:58.0032 0x0ccc [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 14:52:58.0064 0x0ccc MSTEE - ok 14:52:58.0079 0x0ccc [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 14:52:58.0095 0x0ccc MTConfig - ok 14:52:58.0126 0x0ccc [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys 14:52:58.0142 0x0ccc Mup - ok 14:52:58.0157 0x0ccc [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 14:52:58.0157 0x0ccc mvumis - ok 14:52:58.0189 0x0ccc [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll 14:52:58.0220 0x0ccc napagent - ok 14:52:58.0251 0x0ccc [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 14:52:58.0282 0x0ccc NativeWifiP - ok 14:52:58.0314 0x0ccc [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 14:52:58.0345 0x0ccc NcaSvc - ok 14:52:58.0360 0x0ccc [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll 14:52:58.0392 0x0ccc NcbService - ok 14:52:58.0407 0x0ccc [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 14:52:58.0470 0x0ccc NcdAutoSetup - ok 14:52:58.0517 0x0ccc [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 14:52:58.0548 0x0ccc NDIS - ok 14:52:58.0579 0x0ccc [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 14:52:58.0595 0x0ccc NdisCap - ok 14:52:58.0611 0x0ccc [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 14:52:58.0626 0x0ccc NdisImPlatform - ok 14:52:58.0642 0x0ccc [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 14:52:58.0657 0x0ccc NdisTapi - ok 14:52:58.0689 0x0ccc [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 14:52:58.0704 0x0ccc Ndisuio - ok 14:52:58.0704 0x0ccc [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 14:52:58.0735 0x0ccc NdisVirtualBus - ok 14:52:58.0767 0x0ccc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 14:52:58.0798 0x0ccc NdisWan - ok 14:52:58.0814 0x0ccc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 14:52:58.0829 0x0ccc NdisWanLegacy - ok 14:52:58.0845 0x0ccc [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 14:52:58.0861 0x0ccc NDProxy - ok 14:52:58.0876 0x0ccc [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 14:52:58.0907 0x0ccc Ndu - ok 14:52:58.0923 0x0ccc [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\WINDOWS\system32\DRIVERS\netaapl64.sys 14:52:58.0954 0x0ccc Netaapl - ok 14:52:58.0970 0x0ccc [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 14:52:59.0001 0x0ccc NetBIOS - ok 14:52:59.0017 0x0ccc [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 14:52:59.0048 0x0ccc NetBT - ok 14:52:59.0064 0x0ccc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe 14:52:59.0079 0x0ccc Netlogon - ok 14:52:59.0111 0x0ccc [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll 14:52:59.0126 0x0ccc Netman - ok 14:52:59.0157 0x0ccc [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 14:52:59.0189 0x0ccc netprofm - ok 14:52:59.0282 0x0ccc [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:52:59.0298 0x0ccc NetTcpPortSharing - ok 14:52:59.0329 0x0ccc [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys 14:52:59.0345 0x0ccc netvsc - ok 14:52:59.0376 0x0ccc [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 14:52:59.0407 0x0ccc NlaSvc - ok 14:52:59.0423 0x0ccc [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 14:52:59.0456 0x0ccc Npfs - ok 14:52:59.0492 0x0ccc [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 14:52:59.0507 0x0ccc npsvctrig - ok 14:52:59.0538 0x0ccc [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll 14:52:59.0554 0x0ccc nsi - ok 14:52:59.0570 0x0ccc [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 14:52:59.0601 0x0ccc nsiproxy - ok 14:52:59.0679 0x0ccc [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 14:52:59.0742 0x0ccc Ntfs - ok 14:52:59.0757 0x0ccc [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 14:52:59.0773 0x0ccc Null - ok 14:52:59.0788 0x0ccc [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 14:52:59.0804 0x0ccc nvraid - ok 14:52:59.0820 0x0ccc [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 14:52:59.0835 0x0ccc nvstor - ok 14:52:59.0867 0x0ccc [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 14:52:59.0882 0x0ccc nv_agp - ok 14:52:59.0945 0x0ccc [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:52:59.0960 0x0ccc ose - ok 14:52:59.0992 0x0ccc [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 14:53:00.0039 0x0ccc p2pimsvc - ok 14:53:00.0054 0x0ccc [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 14:53:00.0101 0x0ccc p2psvc - ok 14:53:00.0132 0x0ccc [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 14:53:00.0164 0x0ccc Parport - ok 14:53:00.0179 0x0ccc [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 14:53:00.0195 0x0ccc partmgr - ok 14:53:00.0226 0x0ccc [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 14:53:00.0257 0x0ccc PcaSvc - ok 14:53:00.0289 0x0ccc [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 14:53:00.0304 0x0ccc pci - ok 14:53:00.0320 0x0ccc [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 14:53:00.0335 0x0ccc pciide - ok 14:53:00.0351 0x0ccc [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 14:53:00.0367 0x0ccc pcmcia - ok 14:53:00.0382 0x0ccc [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 14:53:00.0382 0x0ccc pcw - ok 14:53:00.0414 0x0ccc [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 14:53:00.0429 0x0ccc pdc - ok 14:53:00.0507 0x0ccc [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 14:53:00.0554 0x0ccc PEAUTH - ok 14:53:00.0726 0x0ccc [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 14:53:00.0757 0x0ccc PerfHost - ok 14:53:00.0835 0x0ccc [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll 14:53:00.0898 0x0ccc pla - ok 14:53:00.0914 0x0ccc [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 14:53:00.0929 0x0ccc PlugPlay - ok 14:53:00.0960 0x0ccc [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 14:53:00.0976 0x0ccc PNRPAutoReg - ok 14:53:00.0992 0x0ccc [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 14:53:01.0023 0x0ccc PNRPsvc - ok 14:53:01.0054 0x0ccc [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 14:53:01.0085 0x0ccc PolicyAgent - ok 14:53:01.0101 0x0ccc [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll 14:53:01.0132 0x0ccc Power - ok 14:53:01.0257 0x0ccc [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 14:53:01.0398 0x0ccc PrintNotify - ok 14:53:01.0445 0x0ccc [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 14:53:01.0460 0x0ccc Processor - ok 14:53:01.0476 0x0ccc [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 14:53:01.0539 0x0ccc ProfSvc - ok 14:53:01.0554 0x0ccc [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 14:53:01.0585 0x0ccc Psched - ok 14:53:01.0601 0x0ccc [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\WINDOWS\system32\drivers\PxHlpa64.sys 14:53:01.0617 0x0ccc PxHlpa64 - ok 14:53:01.0695 0x0ccc [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll 14:53:01.0726 0x0ccc QWAVE - ok 14:53:01.0780 0x0ccc [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 14:53:01.0796 0x0ccc QWAVEdrv - ok 14:53:01.0827 0x0ccc [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 14:53:01.0843 0x0ccc RasAcd - ok 14:53:01.0858 0x0ccc [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll 14:53:01.0889 0x0ccc RasAuto - ok 14:53:01.0921 0x0ccc [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll 14:53:01.0968 0x0ccc RasMan - ok 14:53:01.0983 0x0ccc [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 14:53:01.0999 0x0ccc RasPppoe - ok 14:53:02.0030 0x0ccc [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 14:53:02.0061 0x0ccc rdbss - ok 14:53:02.0077 0x0ccc [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 14:53:02.0108 0x0ccc rdpbus - ok 14:53:02.0124 0x0ccc [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 14:53:02.0155 0x0ccc RDPDR - ok 14:53:02.0186 0x0ccc [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 14:53:02.0202 0x0ccc RdpVideoMiniport - ok 14:53:02.0249 0x0ccc [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 14:53:02.0264 0x0ccc rdyboost - ok 14:53:02.0296 0x0ccc [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 14:53:02.0327 0x0ccc ReFS - ok 14:53:02.0358 0x0ccc [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 14:53:02.0374 0x0ccc RemoteAccess - ok 14:53:02.0405 0x0ccc [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 14:53:02.0436 0x0ccc RemoteRegistry - ok 14:53:02.0452 0x0ccc [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 14:53:02.0468 0x0ccc RpcEptMapper - ok 14:53:02.0483 0x0ccc [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe 14:53:02.0483 0x0ccc RpcLocator - ok 14:53:02.0499 0x0ccc [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll 14:53:02.0530 0x0ccc RpcSs - ok 14:53:02.0561 0x0ccc [ C648C1FC380D17CB1D6CEEBA168CB15F, 88BC4626353D54D1A2ABC144585DD7E6EDF24BBAF7677C27E6CFAA477329E83E ] RSBASTOR C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys 14:53:02.0577 0x0ccc RSBASTOR - ok 14:53:02.0608 0x0ccc [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 14:53:02.0639 0x0ccc rspndr - ok 14:53:02.0702 0x0ccc [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 14:53:02.0718 0x0ccc RTL8168 - ok 14:53:02.0749 0x0ccc [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 14:53:02.0749 0x0ccc s3cap - ok 14:53:02.0780 0x0ccc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe 14:53:02.0780 0x0ccc SamSs - ok 14:53:02.0811 0x0ccc [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 14:53:02.0811 0x0ccc sbp2port - ok 14:53:02.0874 0x0ccc [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 14:53:02.0890 0x0ccc SCardSvr - ok 14:53:02.0890 0x0ccc [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 14:53:02.0921 0x0ccc ScDeviceEnum - ok 14:53:02.0952 0x0ccc [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 14:53:02.0968 0x0ccc scfilter - ok 14:53:03.0015 0x0ccc [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\WINDOWS\system32\schedsvc.dll 14:53:03.0093 0x0ccc Schedule - ok 14:53:03.0108 0x0ccc [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 14:53:03.0124 0x0ccc SCPolicySvc - ok 14:53:03.0155 0x0ccc [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 14:53:03.0171 0x0ccc sdbus - ok 14:53:03.0202 0x0ccc [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 14:53:03.0202 0x0ccc sdstor - ok 14:53:03.0249 0x0ccc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 14:53:03.0280 0x0ccc secdrv - ok 14:53:03.0327 0x0ccc [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll 14:53:03.0358 0x0ccc seclogon - ok 14:53:03.0374 0x0ccc [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll 14:53:03.0405 0x0ccc SENS - ok 14:53:03.0405 0x0ccc [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 14:53:03.0468 0x0ccc SensrSvc - ok 14:53:03.0499 0x0ccc [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 14:53:03.0499 0x0ccc SerCx - ok 14:53:03.0515 0x0ccc [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 14:53:03.0530 0x0ccc SerCx2 - ok 14:53:03.0546 0x0ccc [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 14:53:03.0561 0x0ccc Serenum - ok 14:53:03.0577 0x0ccc [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 14:53:03.0593 0x0ccc Serial - ok 14:53:03.0593 0x0ccc [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 14:53:03.0608 0x0ccc sermouse - ok 14:53:03.0655 0x0ccc [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 14:53:03.0687 0x0ccc SessionEnv - ok 14:53:03.0718 0x0ccc [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 14:53:03.0733 0x0ccc sfloppy - ok 14:53:03.0765 0x0ccc [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 14:53:03.0812 0x0ccc SharedAccess - ok 14:53:03.0858 0x0ccc [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 14:53:03.0921 0x0ccc ShellHWDetection - ok 14:53:03.0952 0x0ccc [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 14:53:03.0968 0x0ccc SiSRaid2 - ok 14:53:03.0983 0x0ccc [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 14:53:03.0999 0x0ccc SiSRaid4 - ok 14:53:04.0249 0x0ccc [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:53:04.0265 0x0ccc SkypeUpdate - ok 14:53:04.0296 0x0ccc [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll 14:53:04.0312 0x0ccc smphost - ok 14:53:04.0327 0x0ccc [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 14:53:04.0343 0x0ccc SNMPTRAP - ok 14:53:04.0390 0x0ccc [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 14:53:04.0405 0x0ccc spaceport - ok 14:53:04.0437 0x0ccc [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 14:53:04.0437 0x0ccc SpbCx - ok 14:53:04.0483 0x0ccc [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\WINDOWS\System32\spoolsv.exe 14:53:04.0530 0x0ccc Spooler - ok 14:53:04.0718 0x0ccc [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 14:53:04.0905 0x0ccc sppsvc - ok 14:53:04.0952 0x0ccc [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 14:53:04.0999 0x0ccc srv - ok 14:53:05.0155 0x0ccc [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 14:53:05.0171 0x0ccc srv2 - ok 14:53:05.0233 0x0ccc [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 14:53:05.0249 0x0ccc srvnet - ok 14:53:05.0374 0x0ccc [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 14:53:05.0421 0x0ccc SSDPSRV - ok 14:53:05.0515 0x0ccc [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 14:53:05.0546 0x0ccc SstpSvc - ok 14:53:05.0609 0x0ccc [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 14:53:05.0624 0x0ccc stexstor - ok 14:53:05.0734 0x0ccc [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll 14:53:05.0827 0x0ccc stisvc - ok 14:53:05.0859 0x0ccc [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 14:53:05.0859 0x0ccc storahci - ok 14:53:05.0890 0x0ccc [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys 14:53:05.0890 0x0ccc storflt - ok 14:53:05.0921 0x0ccc [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 14:53:05.0937 0x0ccc stornvme - ok 14:53:05.0968 0x0ccc [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll 14:53:06.0015 0x0ccc StorSvc - ok 14:53:06.0031 0x0ccc [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 14:53:06.0046 0x0ccc storvsc - ok 14:53:06.0062 0x0ccc [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll 14:53:06.0093 0x0ccc svsvc - ok 14:53:06.0124 0x0ccc [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 14:53:06.0140 0x0ccc swenum - ok 14:53:06.0187 0x0ccc [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll 14:53:06.0234 0x0ccc swprv - ok 14:53:06.0281 0x0ccc [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll 14:53:06.0343 0x0ccc SysMain - ok 14:53:06.0374 0x0ccc [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 14:53:06.0434 0x0ccc SystemEventsBroker - ok 14:53:06.0450 0x0ccc [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 14:53:06.0465 0x0ccc TabletInputService - ok 14:53:06.0496 0x0ccc [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 14:53:06.0528 0x0ccc TapiSrv - ok 14:53:06.0621 0x0ccc [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 14:53:06.0706 0x0ccc Tcpip - ok 14:53:06.0752 0x0ccc [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 14:53:06.0820 0x0ccc TCPIP6 - ok 14:53:06.0851 0x0ccc [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 14:53:06.0882 0x0ccc tcpipreg - ok 14:53:06.0924 0x0ccc [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 14:53:06.0948 0x0ccc tdx - ok 14:53:06.0969 0x0ccc [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 14:53:06.0985 0x0ccc terminpt - ok 14:53:07.0047 0x0ccc [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll 14:53:07.0094 0x0ccc TermService - ok 14:53:07.0110 0x0ccc [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll 14:53:07.0141 0x0ccc Themes - ok 14:53:07.0172 0x0ccc [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll 14:53:07.0188 0x0ccc THREADORDER - ok 14:53:07.0203 0x0ccc [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 14:53:07.0235 0x0ccc TimeBroker - ok 14:53:07.0281 0x0ccc [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys 14:53:07.0281 0x0ccc TPM - ok 14:53:07.0313 0x0ccc [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll 14:53:07.0328 0x0ccc TrkWks - ok 14:53:07.0375 0x0ccc [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 14:53:07.0422 0x0ccc TrustedInstaller - ok 14:53:07.0438 0x0ccc [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 14:53:07.0469 0x0ccc TsUsbFlt - ok 14:53:07.0485 0x0ccc [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 14:53:07.0500 0x0ccc TsUsbGD - ok 14:53:07.0531 0x0ccc [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 14:53:07.0547 0x0ccc tunnel - ok 14:53:07.0578 0x0ccc [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 14:53:07.0594 0x0ccc uagp35 - ok 14:53:07.0610 0x0ccc [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 14:53:07.0625 0x0ccc UASPStor - ok 14:53:07.0625 0x0ccc [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 14:53:07.0641 0x0ccc UCX01000 - ok 14:53:07.0672 0x0ccc [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 14:53:07.0703 0x0ccc udfs - ok 14:53:07.0703 0x0ccc [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 14:53:07.0719 0x0ccc UEFI - ok 14:53:07.0750 0x0ccc [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 14:53:07.0766 0x0ccc UI0Detect - ok 14:53:07.0797 0x0ccc [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 14:53:07.0817 0x0ccc uliagpkx - ok 14:53:07.0822 0x0ccc [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 14:53:07.0833 0x0ccc umbus - ok 14:53:07.0833 0x0ccc [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 14:53:07.0864 0x0ccc UmPass - ok 14:53:07.0896 0x0ccc [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 14:53:07.0911 0x0ccc UmRdpService - ok 14:53:07.0974 0x0ccc [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 14:53:07.0989 0x0ccc UNS - ok 14:53:08.0021 0x0ccc [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll 14:53:08.0052 0x0ccc upnphost - ok 14:53:08.0083 0x0ccc [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys 14:53:08.0099 0x0ccc USBAAPL64 - ok 14:53:08.0130 0x0ccc [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 14:53:08.0146 0x0ccc usbccgp - ok 14:53:08.0177 0x0ccc [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 14:53:08.0192 0x0ccc usbcir - ok 14:53:08.0224 0x0ccc [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 14:53:08.0224 0x0ccc usbehci - ok 14:53:08.0255 0x0ccc [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 14:53:08.0271 0x0ccc usbhub - ok 14:53:08.0302 0x0ccc [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 14:53:08.0317 0x0ccc USBHUB3 - ok 14:53:08.0349 0x0ccc [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 14:53:08.0380 0x0ccc usbohci - ok 14:53:08.0396 0x0ccc [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 14:53:08.0458 0x0ccc usbprint - ok 14:53:08.0489 0x0ccc [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 14:53:08.0505 0x0ccc USBSTOR - ok 14:53:08.0521 0x0ccc [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 14:53:08.0536 0x0ccc usbuhci - ok 14:53:08.0567 0x0ccc [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 14:53:08.0599 0x0ccc usbvideo - ok 14:53:08.0614 0x0ccc [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 14:53:08.0630 0x0ccc USBXHCI - ok 14:53:08.0646 0x0ccc [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe 14:53:08.0677 0x0ccc VaultSvc - ok 14:53:08.0692 0x0ccc [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 14:53:08.0708 0x0ccc vdrvroot - ok 14:53:08.0896 0x0ccc [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe 14:53:08.0942 0x0ccc vds - ok 14:53:08.0974 0x0ccc [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 14:53:08.0974 0x0ccc VerifierExt - ok 14:53:09.0021 0x0ccc [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 14:53:09.0036 0x0ccc vhdmp - ok 14:53:09.0052 0x0ccc [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 14:53:09.0067 0x0ccc viaide - ok 14:53:09.0067 0x0ccc [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 14:53:09.0083 0x0ccc vmbus - ok 14:53:09.0099 0x0ccc [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 14:53:09.0099 0x0ccc VMBusHID - ok 14:53:09.0146 0x0ccc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 14:53:09.0161 0x0ccc vmicguestinterface - ok 14:53:09.0177 0x0ccc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 14:53:09.0192 0x0ccc vmicheartbeat - ok 14:53:09.0208 0x0ccc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 14:53:09.0224 0x0ccc vmickvpexchange - ok 14:53:09.0239 0x0ccc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 14:53:09.0255 0x0ccc vmicrdv - ok 14:53:09.0271 0x0ccc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 14:53:09.0286 0x0ccc vmicshutdown - ok 14:53:09.0302 0x0ccc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 14:53:09.0333 0x0ccc vmictimesync - ok 14:53:09.0333 0x0ccc [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 14:53:09.0364 0x0ccc vmicvss - ok 14:53:09.0443 0x0ccc [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 14:53:09.0443 0x0ccc volmgr - ok 14:53:09.0458 0x0ccc [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 14:53:09.0474 0x0ccc volmgrx - ok 14:53:09.0505 0x0ccc [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 14:53:09.0521 0x0ccc volsnap - ok 14:53:09.0568 0x0ccc [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 14:53:09.0568 0x0ccc vpci - ok 14:53:09.0599 0x0ccc [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 14:53:09.0615 0x0ccc vsmraid - ok 14:53:09.0677 0x0ccc [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe 14:53:09.0740 0x0ccc VSS - ok 14:53:09.0771 0x0ccc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 14:53:09.0786 0x0ccc VSTXRAID - ok 14:53:09.0818 0x0ccc [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 14:53:09.0865 0x0ccc vwifibus - ok 14:53:09.0880 0x0ccc [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 14:53:09.0911 0x0ccc vwififlt - ok 14:53:09.0911 0x0ccc [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 14:53:09.0927 0x0ccc vwifimp - ok 14:53:09.0958 0x0ccc [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll 14:53:09.0974 0x0ccc W32Time - ok 14:53:10.0005 0x0ccc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 14:53:10.0021 0x0ccc WacomPen - ok 14:53:10.0083 0x0ccc [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe 14:53:10.0146 0x0ccc wbengine - ok 14:53:10.0193 0x0ccc [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 14:53:10.0224 0x0ccc WbioSrvc - ok 14:53:10.0240 0x0ccc [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 14:53:10.0286 0x0ccc Wcmsvc - ok 14:53:10.0302 0x0ccc [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 14:53:10.0349 0x0ccc wcncsvc - ok 14:53:10.0380 0x0ccc [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 14:53:10.0443 0x0ccc WcsPlugInService - ok 14:53:10.0458 0x0ccc [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 14:53:10.0474 0x0ccc WdBoot - ok 14:53:10.0521 0x0ccc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 14:53:10.0552 0x0ccc Wdf01000 - ok 14:53:10.0568 0x0ccc [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 14:53:10.0583 0x0ccc WdFilter - ok 14:53:10.0615 0x0ccc [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 14:53:10.0646 0x0ccc WdiServiceHost - ok 14:53:10.0646 0x0ccc [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 14:53:10.0661 0x0ccc WdiSystemHost - ok 14:53:10.0708 0x0ccc [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 14:53:10.0708 0x0ccc WdNisDrv - ok 14:53:10.0740 0x0ccc WdNisSvc - ok 14:53:10.0755 0x0ccc [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\WINDOWS\System32\webclnt.dll 14:53:10.0771 0x0ccc WebClient - ok 14:53:10.0802 0x0ccc [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 14:53:10.0833 0x0ccc Wecsvc - ok 14:53:10.0849 0x0ccc [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 14:53:10.0865 0x0ccc WEPHOSTSVC - ok 14:53:10.0880 0x0ccc [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 14:53:10.0927 0x0ccc wercplsupport - ok 14:53:10.0943 0x0ccc [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 14:53:10.0974 0x0ccc WerSvc - ok 14:53:11.0005 0x0ccc [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 14:53:11.0021 0x0ccc WFPLWFS - ok 14:53:11.0052 0x0ccc [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 14:53:11.0068 0x0ccc WiaRpc - ok 14:53:11.0083 0x0ccc [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 14:53:11.0099 0x0ccc WIMMount - ok 14:53:11.0099 0x0ccc WinDefend - ok 14:53:11.0146 0x0ccc [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 14:53:11.0193 0x0ccc WinHttpAutoProxySvc - ok 14:53:11.0255 0x0ccc [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 14:53:11.0271 0x0ccc Winmgmt - ok 14:53:11.0349 0x0ccc [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 14:53:11.0427 0x0ccc WinRM - ok 14:53:11.0505 0x0ccc [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys 14:53:11.0536 0x0ccc WinUsb - ok 14:53:11.0615 0x0ccc [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 14:53:11.0661 0x0ccc WlanSvc - ok 14:53:11.0724 0x0ccc [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 14:53:11.0771 0x0ccc wlidsvc - ok 14:53:11.0802 0x0ccc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 14:53:11.0818 0x0ccc WmiAcpi - ok 14:53:11.0833 0x0ccc [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 14:53:11.0880 0x0ccc wmiApSrv - ok 14:53:11.0896 0x0ccc WMPNetworkSvc - ok 14:53:11.0912 0x0ccc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 14:53:11.0927 0x0ccc Wof - ok 14:53:12.0005 0x0ccc [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 14:53:12.0083 0x0ccc workfolderssvc - ok 14:53:12.0115 0x0ccc [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 14:53:12.0130 0x0ccc wpcfltr - ok 14:53:12.0146 0x0ccc [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 14:53:12.0177 0x0ccc WPCSvc - ok 14:53:12.0193 0x0ccc [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 14:53:12.0240 0x0ccc WPDBusEnum - ok 14:53:12.0271 0x0ccc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 14:53:12.0287 0x0ccc WpdUpFltr - ok 14:53:12.0302 0x0ccc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 14:53:12.0333 0x0ccc ws2ifsl - ok 14:53:12.0349 0x0ccc [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\WINDOWS\System32\wscsvc.dll 14:53:12.0412 0x0ccc wscsvc - ok 14:53:12.0412 0x0ccc WSearch - ok 14:53:12.0521 0x0ccc [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\WINDOWS\System32\WSService.dll 14:53:12.0646 0x0ccc WSService - ok 14:53:12.0756 0x0ccc [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 14:53:12.0912 0x0ccc wuauserv - ok 14:53:12.0943 0x0ccc [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 14:53:12.0990 0x0ccc WudfPf - ok 14:53:13.0037 0x0ccc [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 14:53:13.0037 0x0ccc WUDFRd - ok 14:53:13.0053 0x0ccc [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 14:53:13.0068 0x0ccc WUDFSensorLP - ok 14:53:13.0131 0x0ccc [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 14:53:13.0162 0x0ccc wudfsvc - ok 14:53:13.0225 0x0ccc [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 14:53:13.0240 0x0ccc WUDFWpdFs - ok 14:53:13.0240 0x0ccc [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 14:53:13.0256 0x0ccc WUDFWpdMtp - ok 14:53:13.0287 0x0ccc [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 14:53:13.0318 0x0ccc WwanSvc - ok 14:53:13.0318 0x0ccc ================ Scan global =============================== 14:53:13.0381 0x0ccc [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll 14:53:13.0412 0x0ccc [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll 14:53:13.0428 0x0ccc [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll 14:53:13.0475 0x0ccc [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe 14:53:13.0475 0x0ccc [ Global ] - ok 14:53:13.0475 0x0ccc ================ Scan MBR ================================== 14:53:13.0490 0x0ccc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 14:53:13.0553 0x0ccc \Device\Harddisk0\DR0 - ok 14:53:13.0553 0x0ccc ================ Scan VBR ================================== 14:53:13.0553 0x0ccc [ 1FB9BC5D1DFED66AF4858C5AE9FD0D88 ] \Device\Harddisk0\DR0\Partition1 14:53:13.0600 0x0ccc \Device\Harddisk0\DR0\Partition1 - ok 14:53:13.0600 0x0ccc [ 7B5B2F16EDAEA096D82DEDA3B6DA0576 ] \Device\Harddisk0\DR0\Partition2 14:53:13.0618 0x0ccc \Device\Harddisk0\DR0\Partition2 - ok 14:53:13.0626 0x0ccc [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 14:53:13.0626 0x0ccc \Device\Harddisk0\DR0\Partition3 - ok 14:53:13.0641 0x0ccc [ E839775B841965BCB003AD4B49404047 ] \Device\Harddisk0\DR0\Partition4 14:53:13.0641 0x0ccc \Device\Harddisk0\DR0\Partition4 - ok 14:53:13.0673 0x0ccc [ AAF101E149B5C2C8204485042968EE60 ] \Device\Harddisk0\DR0\Partition5 14:53:13.0688 0x0ccc \Device\Harddisk0\DR0\Partition5 - ok 14:53:13.0704 0x0ccc [ 5CE730D96F2185E104D91F63CF435D1E ] \Device\Harddisk0\DR0\Partition6 14:53:13.0720 0x0ccc \Device\Harddisk0\DR0\Partition6 - ok 14:53:13.0735 0x0ccc [ D0A891ABBD1AE3341D8BE65884A200D3 ] \Device\Harddisk0\DR0\Partition7 14:53:13.0751 0x0ccc \Device\Harddisk0\DR0\Partition7 - ok 14:53:13.0782 0x0ccc [ 96FBF9571B12CB477DBFD46EBFE446A4 ] \Device\Harddisk0\DR0\Partition8 14:53:13.0798 0x0ccc \Device\Harddisk0\DR0\Partition8 - ok 14:53:13.0798 0x0ccc ================ Scan generic autorun ====================== 14:53:14.0235 0x0ccc [ 637C513A8A3FFBB3AA05FAFAC3F9174D, 5BFE633BE091A1BCED55AB2E99A6FEB92B7166921249BFB4B05386EA3856B735 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 14:53:14.0626 0x0ccc RTHDVCPL - ok 14:53:14.0673 0x0ccc [ F66CE44D86EA704B31BED2BF2BEDDF75, EC0B3AB0B2011B718299BFF743A28117A3436E9431B6F31CF34416D68AAF1B56 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 14:53:14.0704 0x0ccc RtHDVBg - ok 14:53:14.0735 0x0ccc [ CFF4C979AA720C73EC93918D9730B9E9, 0DC04ACD258DD5FC4A7EA81AC3F8876675424EC35F7ECB996B7C132BAB430A33 ] C:\WINDOWS\system32\igfxtray.exe 14:53:14.0751 0x0ccc IgfxTray - ok 14:53:14.0767 0x0ccc [ 4B9D449ED9880477DEFBA85D512E05F9, B50C589A1F8953617FAD961363CA3538F6C0539FA06D7FAA2EA88320410C7F43 ] C:\WINDOWS\system32\hkcmd.exe 14:53:14.0798 0x0ccc HotKeysCmds - ok 14:53:14.0813 0x0ccc [ 2498449B5CA65A640125164EE0019B14, F4EF4EA34A656984C83DB3BFCD8390ACD76C922A1C253335104C31D371EEDA17 ] C:\WINDOWS\system32\igfxpers.exe 14:53:14.0845 0x0ccc Persistence - ok 14:53:14.0938 0x0ccc [ 79C9B6A7836DC358216036A1EBA31B62, 9E3987ED10C5CFCD06A2DCBC4E0838004F97A1527527749EF3CC7C5EC5AC2597 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 14:53:14.0954 0x0ccc AdobeAAMUpdater-1.0 - ok 14:53:15.0001 0x0ccc [ E97140424C378ACBD47DF493A6AB7235, 00F26F670AD6B03C465C4FC834DC993B551B8A8E73B603FE7B9CFFA893094A3D ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe 14:53:15.0001 0x0ccc Adobe Reader Speed Launcher - ok 14:53:15.0079 0x0ccc [ BAD6BEA0DE1F69C82BDB74378CE0C20A, ADA84B75173E9D03C180B527E31475ACA16CB19532C3EDA11357BD37049927E3 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 14:53:15.0110 0x0ccc Adobe ARM - ok 14:53:15.0252 0x0ccc [ 2362B857693DA580E04ECE28F7D67E7E, EABF4B6502A06B94D07E25D78D8CEF8862B7FE5D117F7F145268B95688A02E62 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE 14:53:15.0316 0x0ccc ASUSPRP - ok 14:53:15.0472 0x0ccc [ B15880A58755DA0FADB15923013A7957, 4090342AF93538C5F3157605164CF5EC051B6D767B1B7FCCF3265F1D426E88AA ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe 14:53:15.0582 0x0ccc ASUSWebStorage - ok 14:53:15.0644 0x0ccc [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 14:53:15.0644 0x0ccc RemoteControl10 - ok 14:53:15.0722 0x0ccc [ 69B388D8F3085411D00F875FF5CBCAF6, 22F6DCF1E6D1DD28793CCDFE9FC33E737180BB3C5C65BE3BFA9C2522B6B6F66B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 14:53:15.0738 0x0ccc avgnt - ok 14:53:15.0785 0x0ccc [ D88B2D487439305A2EC308A6796C3044, 79DF0A41ECB08D5BEB3393B2BA15E6C88AD626803E1734EFBA0DBE4ECF7274D7 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe 14:53:15.0800 0x0ccc iTunesHelper - ok 14:53:15.0832 0x0ccc [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 14:53:15.0847 0x0ccc SunJavaUpdateSched - ok 14:53:15.0879 0x0ccc [ 22283306E9A33D4EB10F8B6C7499C30E, F527A3ED9816EE5C5A191A26A7D29A2CAFAB7DA3BAA3295FE0E8A2D44F0F5F45 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 14:53:15.0894 0x0ccc Avira Systray - ok 14:53:15.0925 0x0ccc Skype - ok 14:53:16.0004 0x0ccc [ FB4A70985CE3C2571D7053630B6D2595, 5190F7DCFDA783DD8C8E500CC0187F747F70B890511318CCF31A332917D21529 ] C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe 14:53:16.0035 0x0ccc CAHeadless - ok 14:53:16.0157 0x0ccc [ ACE61C698A49021FA1E2799275E88CC8, F0D03B836B14F0C78B48CBA0D87549D33F76B69EFB7759993982BF1849B532E7 ] C:\Program Files (x86)\Gyazo\GyStation.exe 14:53:16.0219 0x0ccc Gyazo - ok 14:53:16.0672 0x0ccc [ 66642F97226FD55F1BF4D1C32881F8E0, 302CBE2721B46B95E1FA5556BC7AF92135DBC8B8DAEB7D7E84E776FBB5F17176 ] C:\Program Files (x86)\Zoiper\Zoiper.exe 14:53:17.0001 0x0ccc Zoiper - ok 14:53:17.0016 0x0ccc Waiting for KSN requests completion. In queue: 140 14:53:18.0032 0x0ccc AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.652 ), 0x41000 ( enabled : updated ) 14:53:18.0032 0x0ccc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated ) 14:53:18.0126 0x0ccc Win FW state via NFP2: enabled 14:53:18.0516 0x0ccc ============================================================ 14:53:18.0516 0x0ccc Scan finished 14:53:18.0516 0x0ccc ============================================================ 14:53:18.0516 0x173c Detected object count: 0 14:53:18.0516 0x173c Actual detected object count: 0 |
21.03.2015, 09:49 | #8 |
/// the machine /// TB-Ausbilder | Phishing mail Link geklickt sieht gut aus
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
21.03.2015, 13:42 | #9 |
| Phishing mail Link geklickt vielen vielen herzlichen dank |
22.03.2015, 07:39 | #10 |
/// the machine /// TB-Ausbilder | Phishing mail Link geklickt Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Phishing mail Link geklickt |
arbeiten, aufforderung, erfolgreich, erhalten, erwischt, fehlercode 0xc0000005, fehlercode 0xe0434352, geklickt, gespeichert, phishing, sensible |