Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Facebook virus

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.11.2015, 19:31   #1
misterfuxi
 
Facebook virus - Standard

Facebook virus



hallo, der fb acc von meinen Vater wurde gehackt und wurde über seinen namen in gruppen geposted usw...

jetzt bin ich mir nicht sicher ob auch ein Trojaner den PC befallen hat oder nicht?

lg

Alt 17.11.2015, 08:28   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Facebook virus - Standard

Facebook virus



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 17.11.2015, 14:10   #3
misterfuxi
 
Facebook virus - Standard

Facebook virus



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-11-2015
durchgeführt von Hons (Administrator) auf HONS-HP (17-11-2015 13:54:49)
Gestartet von C:\Users\Hons\Downloads
Geladene Profile: Hons (Verfügbare Profile: Hons)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Akamai Technologies, Inc.) C:\Users\Hons\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Hons\AppData\Local\Akamai\netsession_win.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-02-10] (EasyBits Software AS)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [36713096 2015-11-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1800866443-111596414-1649206034-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Hons\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1800866443-111596414-1649206034-1000\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [9797416 2015-02-25] (Visicom Media Inc.)
HKU\S-1-5-21-1800866443-111596414-1649206034-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8202008 2015-04-08] (Piriform Ltd)
HKU\S-1-5-21-1800866443-111596414-1649206034-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1800866443-111596414-1649206034-1000\...\Policies\system: [DisableChangePassword] 0
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-20] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 213.153.32.129 213.153.32.1
Tcpip\..\Interfaces\{b881092d-0c71-471c-b9df-6d516ce8c314}: [DhcpNameServer] 213.153.32.129 213.153.32.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1800866443-111596414-1649206034-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=U218DHP&pc=U218
HKU\S-1-5-21-1800866443-111596414-1649206034-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1800866443-111596414-1649206034-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11DEDE/WOL_WCP
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1800866443-111596414-1649206034-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Hons\AppData\Roaming\Mozilla\Firefox\Profiles\ft33zb0w.default
FF Homepage: hxxp://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1800866443-111596414-1649206034-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hons\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS)
FF Extension: Ghostery - C:\Users\Hons\AppData\Roaming\Mozilla\Firefox\Profiles\ft33zb0w.default\Extensions\firefox@ghostery.com.xpi [2015-11-05]
FF Extension: Adblock Plus - C:\Users\Hons\AppData\Roaming\Mozilla\Firefox\Profiles\ft33zb0w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKU\S-1-5-21-1800866443-111596414-1649206034-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Kein Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [ist nicht signiert]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [5155576 2015-05-25] (Emsisoft Ltd)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-09] (Dropbox, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-13] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-13] (Microsoft Corporation)
S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-08-13] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-13] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll [504832 2015-08-13] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 epp64; C:\Windows\System32\DRIVERS\epp64.sys [135800 2015-05-13] (Emsisoft GmbH)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-13] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
U5 usbfilter; C:\Windows\System32\Drivers\usbfilter.sys [44672 2010-11-29] (Advanced Micro Devices)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-17 13:54 - 2015-11-17 13:56 - 00016608 _____ C:\Users\Hons\Downloads\FRST.txt
2015-11-17 13:54 - 2015-11-17 13:54 - 02008576 _____ (Farbar) C:\Users\Hons\Downloads\FRST64.exe
2015-11-17 13:48 - 2015-11-17 13:48 - 00016148 _____ C:\WINDOWS\system32\HONS-HP_Hons_HistoryPrediction.bin
2015-11-11 07:44 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 07:44 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 07:44 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 07:44 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 07:44 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 07:44 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 07:44 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 07:44 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 07:44 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 07:44 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 07:44 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 07:43 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 07:43 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 07:43 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 07:43 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 07:43 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 07:43 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 07:43 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 07:43 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 07:43 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 07:43 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 07:43 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 07:43 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 07:43 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 07:43 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 07:43 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 07:43 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 07:43 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 07:43 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 07:43 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 07:43 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 07:43 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 07:43 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 07:43 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 07:43 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 07:43 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 07:43 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 07:43 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 07:43 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 07:43 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 07:43 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 07:43 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 07:43 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 07:43 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 07:43 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 07:43 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 07:43 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 07:43 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 07:43 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 07:43 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 07:43 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 07:43 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 07:43 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-10 21:09 - 2015-11-10 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-07 18:29 - 2015-11-07 23:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 16:45 - 2015-11-03 16:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-11-02 16:54 - 2015-11-02 16:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-02 16:54 - 2015-11-02 16:54 - 00002126 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-02 12:23 - 2015-11-02 12:23 - 00001824 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-11-02 12:23 - 2015-11-02 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-11-02 12:22 - 2015-11-02 12:23 - 00000000 ____D C:\Program Files\iTunes
2015-11-02 12:22 - 2015-11-02 12:22 - 00000000 ____D C:\Program Files\iPod
2015-11-02 12:22 - 2015-11-02 12:22 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-11-02 12:20 - 2015-11-02 12:20 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-11-02 12:20 - 2015-11-02 12:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-11-02 12:20 - 2015-11-02 12:20 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-11-02 12:19 - 2015-11-02 12:19 - 00000000 ____D C:\Program Files\Bonjour
2015-11-02 12:19 - 2015-11-02 12:19 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-11-02 12:18 - 2015-11-02 12:19 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-02 12:12 - 2015-11-02 12:16 - 167839512 _____ (Apple Inc.) C:\Users\Hons\Downloads\iTunes6464Setup.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-17 13:55 - 2015-05-21 13:12 - 00000000 ____D C:\FRST
2015-11-17 13:50 - 2015-08-09 19:59 - 00000000 ___RD C:\Users\Hons\Dropbox
2015-11-17 13:50 - 2015-08-09 19:54 - 00000000 ____D C:\Users\Hons\AppData\Local\Dropbox
2015-11-17 13:48 - 2015-08-09 19:54 - 00001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-11-17 13:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-17 13:20 - 2012-06-06 13:54 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-17 13:04 - 2014-10-03 19:12 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2015-11-17 12:59 - 2015-08-09 19:54 - 00001210 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-11-17 12:39 - 2015-08-28 15:03 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-17 12:38 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-17 12:38 - 2011-09-20 13:51 - 00000000 ____D C:\ProgramData\PDFC
2015-11-17 12:37 - 2015-07-10 10:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-11-16 19:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-15 19:43 - 2015-10-10 16:35 - 00000000 ____D C:\Users\Hons\Desktop\10-15
2015-11-14 07:49 - 2015-08-13 16:23 - 00000000 ____D C:\Users\Hons
2015-11-13 07:44 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-11 22:51 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 13:00 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-11 12:58 - 2013-08-15 09:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 12:50 - 2012-07-05 19:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 12:50 - 2012-06-09 23:00 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-10 22:53 - 2015-08-28 21:59 - 00003470 _____ C:\WINDOWS\PFRO.log
2015-11-10 21:09 - 2015-08-09 19:54 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-07 23:50 - 2012-06-06 13:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-03 19:20 - 2015-10-01 11:41 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-01 11:41 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 16:59 - 2015-08-13 16:21 - 02077126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-03 16:59 - 2015-07-10 17:34 - 00883662 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-03 16:59 - 2015-07-10 17:34 - 00195796 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-03 16:45 - 2015-10-02 17:35 - 00000685 _____ C:\WINDOWS\setupact.log
2015-11-02 16:55 - 2015-02-26 06:41 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-02 16:54 - 2015-02-25 22:33 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-02 16:54 - 2015-02-25 22:32 - 00000000 ____D C:\ProgramData\Adobe
2015-11-02 12:17 - 2013-11-30 16:00 - 00000000 ____D C:\ProgramData\Apple
2015-11-01 21:13 - 2011-09-20 13:39 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids
2015-10-23 11:44 - 2012-12-06 18:44 - 00003260 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForHONS-HP$
2015-10-23 11:44 - 2012-12-06 18:44 - 00000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForHONS-HP$.job

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-11-02 21:15 - 2012-11-02 21:15 - 0000000 _____ () C:\Users\Hons\AppData\Roaming\SharedSettings.ccs

Einige Dateien in TEMP:
====================
C:\Users\Hons\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprh_wc3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-10 07:32

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-11-2015
durchgeführt von Hons (2015-11-17 13:57:49)
Gestartet von C:\Users\Hons\Downloads
Windows 10 Home (X64) (2015-08-13 15:55:37)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1800866443-111596414-1649206034-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1800866443-111596414-1649206034-503 - Limited - Disabled)
Gast (S-1-5-21-1800866443-111596414-1649206034-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1800866443-111596414-1649206034-1002 - Limited - Enabled)
Hons (S-1-5-21-1800866443-111596414-1649206034-1000 - Administrator - Enabled) => C:\Users\Hons

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Emsisoft Anti-Malware (Disabled - Out of date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4lk7eyc12 (HKLM\...\{822b1bfa-0f0b-4693-9b9a-fa0e3ff3988e}.sdb) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-1800866443-111596414-1649206034-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
aobqlsi7bam (HKLM\...\{dd9689ec-30f6-483a-b0de-42482320fb7a}.sdb) (Version:  - )
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{7CBD809B-E823-30DC-5EF2-D7ADBD72FA8F}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Rig Europe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compaq Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
ManyCam 4.1.1 (HKLM-x32\...\ManyCam) (Version: 4.1.1 - Visicom Media Inc.)
ManyDownloader (HKLM-x32\...\ManyDownloader) (Version: 1.6.4.202 - Visicom Media Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
MEDION GoPal Assistant (HKLM-x32\...\{A6C8CD51-1AE4-474D-BA2D-125CDBEADD03}) (Version: 6.2.0.12196 - MEDION)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint 2007 (HKLM-x32\...\POWERPOINT) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKU\S-1-5-21-1800866443-111596414-1649206034-1000\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
qa78av0pjst (HKLM\...\{163189cc-beee-4928-a116-b02a40b1558a}.sdb) (Version:  - )
qqg24e6wku2 (HKLM\...\{fc2ce180-eeb4-4d8c-b127-8b739ededb35}.sdb) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
rgvj8cx6 (HKLM\...\{b22d0c30-407c-40d4-b5b2-0628da27fa7b}.sdb) (Version:  - )
Ringtone Maker (HKLM-x32\...\Ringtone Maker) (Version: 1.0 - Fried Cookie)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-1800866443-111596414-1649206034-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0018-0000-0000-0000000FF1CE}_POWERPOINT_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_POWERPOINT_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
v7f343ho (HKLM\...\{d1f989f7-73c9-430f-84bb-fe073f4a6b13}.sdb) (Version:  - )
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

29-10-2015 07:37:20 Geplanter Prüfpunkt
02-11-2015 12:20:17 Installed iTunes
10-11-2015 08:18:12 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {042937CB-5476-4C2A-8480-C5E036578E2B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {07E50447-50A4-4917-84FD-5A1D80EF0326} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0EAC37DD-F715-4E10-B76E-0A9782186072} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {1373FBC2-A5AB-4B1A-B657-B9FE5BC4FE28} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {1AE6993D-EC54-48CF-9AF7-3A0E9BA4BFED} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {2F490C42-018C-4AF6-84CD-301FCE93C27D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {34FDEA4C-6E96-425C-8C4B-1F3819654A52} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {35A742C1-2971-4943-A2E3-29AD462FFAAC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3ACF76E4-F5DF-431C-BEA2-BE70CF85AE6D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {42DBC513-8FCF-431A-A23C-46112DBB99D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4C0D1944-CC89-44EF-AE90-47D00562C982} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [2011-08-11] (Hewlett-Packard)
Task: {4EF9C94A-BEB8-4886-8EFB-6F8DC72DE967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {53ABC437-1B0B-41C8-BFA8-0949927B2CAE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {57367103-702F-4F2D-8EB1-5DD39EF417EE} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {5C4C8F70-34A5-494F-AD22-BF9E7DEF7B2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-08] (Piriform Ltd)
Task: {6004E5F2-D84A-4102-8928-DCBDDA12AB4C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {61C21DF8-5178-480F-AE37-323317459556} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {75D7899C-C42C-4B67-B470-70D7DAC49F6F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {76028AB5-AC97-4F06-8327-7D5A47A19935} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {8019363D-BCAD-4773-B90D-F17D42075CBA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8479211B-953C-4F0E-B1AD-87FBEE983362} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {856F7CB6-09E8-4D70-A22E-4C384AA43B11} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {8D410771-290C-457E-BEA7-42E14720414D} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-21] (CyberLink)
Task: {8D77A25D-FD6A-481A-B0D6-9678902CB9A5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {8E86CB7A-B618-45CB-8C23-6835C861CD9A} - System32\Tasks\{211B2704-6BAF-4AB7-B28B-059937C6486C} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.104.396/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {94CBB00C-79E9-41A7-86CB-34892DE0C255} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {B4089760-8021-477E-AEA6-F6CBD548691F} - System32\Tasks\{3B2B8867-491D-4BC3-8044-C45F3052FFD9} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.104.396/de/abandoninstall?page=tsDownload&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {BBBE438A-FBB9-49B6-BE0F-80AB6C60459B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-09] (Dropbox, Inc.)
Task: {BDEE0243-29F4-4D12-8BB0-174CE616623D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C0F395F2-9715-4314-A840-2E6C417F6A32} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {C2EE49E2-03E5-40B7-89C0-D870116180D3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {CD95655B-6AF8-4ACD-882E-135661E92E5A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {DF9768EB-A6AB-4FF0-9633-37DF55DD9103} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E6A1F159-4979-401B-B62D-890A1295150A} - System32\Tasks\HPCeeScheduleForHONS-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {EE44F1BC-3A65-4249-BBAC-F4DEB17CDF61} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F2511BEE-366D-49C8-BB06-D1D74AAAE162} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {FA2454ED-93E2-4527-9B5B-606598187773} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-09] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForHONS-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-13 17:01 - 2015-08-13 17:01 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 09:22 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 06:37 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 06:37 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 06:36 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 06:37 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 06:36 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 06:36 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 06:37 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-04-08 20:53 - 2015-04-08 20:53 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-11-14 04:22 - 2012-11-14 04:22 - 02010624 _____ () C:\Program Files (x86)\ManyCam\opencv_core220.dll
2012-11-14 04:23 - 2012-11-14 04:23 - 01241088 _____ () C:\Program Files (x86)\ManyCam\opencv_imgproc220.dll
2012-11-14 04:23 - 2012-11-14 04:23 - 00241152 _____ () C:\Program Files (x86)\ManyCam\opencv_objdetect220.dll
2012-11-14 04:23 - 2012-11-14 04:23 - 00775680 _____ () C:\Program Files (x86)\ManyCam\opencv_highgui220.dll
2012-11-14 04:23 - 2012-11-14 04:23 - 00201216 _____ () C:\Program Files (x86)\ManyCam\opencv_video220.dll
2015-10-02 06:03 - 2015-11-05 00:44 - 00166416 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-11-17 13:49 - 2015-11-17 13:49 - 00071168 _____ () c:\users\hons\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprh_wc3.dll
2015-11-10 21:08 - 2015-09-03 01:11 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-11-10 21:08 - 2015-09-03 01:11 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-11-10 21:08 - 2015-09-03 01:11 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-11-10 21:08 - 2015-09-03 01:11 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1800866443-111596414-1649206034-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Hons\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 213.153.32.129 - 213.153.32.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: aspnet_state => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{FF69FDDD-4DF5-480D-A680-910E91E8174B}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{D661CBFF-F96E-4E78-9BA2-CF4900853725}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{2AF91EF7-1EB6-4052-9440-F304728E2FF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C312A73A-53B5-4FF8-B4C9-7D99E1E54CCB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A044DE87-3DDA-48B4-ABBD-1AB59B73A084}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{9B4AF780-B4F9-47BB-99BA-3D6705030904}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{CCFA3C66-4942-473C-9FCC-D5BA40D1DFDC}C:\users\hons\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hons\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{FE2DA087-9168-43FB-BD00-E733CF67773C}C:\users\hons\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hons\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{CD84E195-F501-4EB7-9E46-9439F37D645D}C:\users\hons\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hons\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{C578EFBD-1EE4-4F55-B8AF-B50311B798FC}C:\users\hons\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\hons\appdata\local\akamai\netsession_win.exe
FirewallRules: [{29132FB0-4AA9-4697-B274-10DDEB398404}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{663C23FF-3A41-418F-AF62-4813DC4E0D7F}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7FAEC502-1AED-4B3A-BC85-674755CDED2E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{AEEB7D47-920C-4CD5-9DFC-88E45CEF7717}] => (Allow) LPort=1900
FirewallRules: [{AFA6BC86-A4D1-45A7-BD7E-CE822368781C}] => (Allow) LPort=2869
FirewallRules: [{A17814EB-C7D2-4906-9E53-9657E1339ACE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BC0AA552-DF91-489F-A4CB-0201AA882851}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{84385A76-C067-4CC4-8079-E895EE0B7301}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{09871C8B-F39F-446B-8112-64D16EF5DAC0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{74906FA1-0FC1-478E-9D13-8457A2E8FFED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B2088826-E250-4CCE-A9CF-E7271F7090C7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{513B6E53-AD08-4FCC-A514-85FEC26EA30E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{832A4A5A-0A3E-4B9D-BD91-84F12978DC0F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{DF0DAECE-4A73-49C1-886F-D03A871DF4EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{96AB72C6-4155-4A46-8C22-3F3575B50ACB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A146DAF5-29BA-4087-969A-ECD249E96A8F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/17/2015 00:36:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Name des fehlerhaften Moduls: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006069
ID des fehlerhaften Prozesses: 0x2c8
Startzeit der fehlerhaften Anwendung: 0xservices.exe0
Pfad der fehlerhaften Anwendung: services.exe1
Pfad des fehlerhaften Moduls: services.exe2
Berichtskennung: services.exe3
Vollständiger Name des fehlerhaften Pakets: services.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: services.exe5

Error: (11/17/2015 07:21:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Name des fehlerhaften Moduls: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006069
ID des fehlerhaften Prozesses: 0x2b4
Startzeit der fehlerhaften Anwendung: 0xservices.exe0
Pfad der fehlerhaften Anwendung: services.exe1
Pfad des fehlerhaften Moduls: services.exe2
Berichtskennung: services.exe3
Vollständiger Name des fehlerhaften Pakets: services.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: services.exe5

Error: (11/16/2015 10:45:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Name des fehlerhaften Moduls: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006069
ID des fehlerhaften Prozesses: 0x2bc
Startzeit der fehlerhaften Anwendung: 0xservices.exe0
Pfad der fehlerhaften Anwendung: services.exe1
Pfad des fehlerhaften Moduls: services.exe2
Berichtskennung: services.exe3
Vollständiger Name des fehlerhaften Pakets: services.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: services.exe5

Error: (11/16/2015 00:32:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Name des fehlerhaften Moduls: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006069
ID des fehlerhaften Prozesses: 0x2c0
Startzeit der fehlerhaften Anwendung: 0xservices.exe0
Pfad der fehlerhaften Anwendung: services.exe1
Pfad des fehlerhaften Moduls: services.exe2
Berichtskennung: services.exe3
Vollständiger Name des fehlerhaften Pakets: services.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: services.exe5

Error: (11/16/2015 00:32:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Hons-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/16/2015 07:21:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Name des fehlerhaften Moduls: services.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3848
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000006069
ID des fehlerhaften Prozesses: 0x2b0
Startzeit der fehlerhaften Anwendung: 0xservices.exe0
Pfad der fehlerhaften Anwendung: services.exe1
Pfad des fehlerhaften Moduls: services.exe2
Berichtskennung: services.exe3
Vollständiger Name des fehlerhaften Pakets: services.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: services.exe5

Error: (11/16/2015 07:04:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Hons-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/16/2015 06:59:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.10240.16515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 12bc

Startzeit: 01d1203339cc08b9

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Berichts-ID: 3267e9df-8c27-11e5-9ca1-3cd92b5856b1

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI

Error: (11/16/2015 06:59:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Hons-HP)
Description: Das Paket „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (11/16/2015 06:57:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Hons-HP)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (11/17/2015 00:38:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/17/2015 00:38:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎17.‎11.‎2015 um 12:23:04 unerwartet heruntergefahren.

Error: (11/17/2015 00:36:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session1 erreicht.

Error: (11/17/2015 00:36:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/17/2015 07:23:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/17/2015 07:22:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎16.‎11.‎2015 um 22:47:25 unerwartet heruntergefahren.

Error: (11/17/2015 07:20:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/16/2015 10:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/16/2015 10:47:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎16.‎11.‎2015 um 22:22:02 unerwartet heruntergefahren.

Error: (11/16/2015 10:45:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session2 erreicht.


CodeIntegrity:
===================================
  Date: 2015-11-16 19:23:54.795
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-15 15:31:29.756
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-14 13:34:23.508
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-13 18:01:03.868
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-13 07:37:13.300
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-12 21:33:17.561
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-12 21:33:17.230
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-12 21:33:16.908
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-12 21:33:16.456
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-11-12 21:33:16.174
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD E-350 Processor
Prozentuale Nutzung des RAM: 78%
Installierter physikalischer RAM: 1643.98 MB
Verfügbarer physikalischer RAM: 347.43 MB
Summe virtueller Speicher: 3051.98 MB
Verfügbarer virtueller Speicher: 946.65 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:453.38 GB) (Free:399.43 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.84 GB) (Free:1.43 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 840D9F1E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=11.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 18.11.2015, 16:57   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Facebook virus - Standard

Facebook virus



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.11.2015, 21:27   #5
misterfuxi
 
Facebook virus - Standard

Facebook virus



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.11.18.06
  rootkit: v2015.11.14.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16590
Hons :: HONS-HP [administrator]

18.11.2015 19:27:08
mbar-log-2015-11-18 (19-27-08).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 0
Time elapsed: 32 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         


Alt 19.11.2015, 16:13   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Facebook virus - Standard

Facebook virus



TDSSKiller?
__________________
--> Facebook virus

Alt 19.11.2015, 19:21   #7
misterfuxi
 
Facebook virus - Standard

Facebook virus



Code:
ATTFilter
19:14:08.0459 0x0b10  TDSS rootkit removing tool 3.1.0.6 Nov 16 2015 12:17:23
19:14:11.0863 0x0b10  ============================================================
19:14:11.0863 0x0b10  Current date / time: 2015/11/19 19:14:11.0863
19:14:11.0863 0x0b10  SystemInfo:
19:14:11.0863 0x0b10  
19:14:11.0863 0x0b10  OS Version: 10.0.10240 ServicePack: 0.0
19:14:11.0863 0x0b10  Product type: Workstation
19:14:11.0863 0x0b10  ComputerName: HONS-HP
19:14:11.0863 0x0b10  UserName: Hons
19:14:11.0863 0x0b10  Windows directory: C:\WINDOWS
19:14:11.0863 0x0b10  System windows directory: C:\WINDOWS
19:14:11.0863 0x0b10  Running under WOW64
19:14:11.0863 0x0b10  Processor architecture: Intel x64
19:14:11.0863 0x0b10  Number of processors: 2
19:14:11.0863 0x0b10  Page size: 0x1000
19:14:11.0863 0x0b10  Boot type: Normal boot
19:14:11.0863 0x0b10  ============================================================
19:14:13.0441 0x0b10  KLMD registered as C:\WINDOWS\system32\drivers\68298117.sys
19:14:16.0088 0x0b10  System UUID: {29A68F63-F2A5-C3AB-946F-C758C6D07E2E}
19:14:18.0288 0x0b10  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:14:18.0337 0x0b10  ============================================================
19:14:18.0337 0x0b10  \Device\Harddisk0\DR0:
19:14:18.0337 0x0b10  MBR partitions:
19:14:18.0338 0x0b10  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:14:18.0338 0x0b10  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38AC3000
19:14:18.0338 0x0b10  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38BD6800, BlocksNum 0x17AF000
19:14:18.0338 0x0b10  ============================================================
19:14:18.0380 0x0b10  C: <-> \Device\Harddisk0\DR0\Partition2
19:14:18.0434 0x0b10  D: <-> \Device\Harddisk0\DR0\Partition3
19:14:18.0435 0x0b10  ============================================================
19:14:18.0436 0x0b10  Initialize success
19:14:18.0436 0x0b10  ============================================================
19:15:09.0629 0x1088  ============================================================
19:15:09.0629 0x1088  Scan started
19:15:09.0629 0x1088  Mode: Manual; SigCheck; TDLFS; 
19:15:09.0629 0x1088  ============================================================
19:15:09.0629 0x1088  KSN ping started
19:15:12.0427 0x1088  KSN ping finished: true
19:15:17.0343 0x1088  ================ Scan system memory ========================
19:15:17.0343 0x1088  System memory - ok
19:15:17.0345 0x1088  ================ Scan services =============================
19:15:17.0681 0x1088  [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
19:15:18.0449 0x1088  1394ohci - ok
19:15:18.0556 0x1088  [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
19:15:18.0636 0x1088  3ware - ok
19:15:19.0186 0x1088  [ BBFD6BC7E79989B69F0998D0FEF4E6B8, 2283EC51F26AE34C79679741A220F0FF45703EB5F83823DF64F7AEA24A1966BA ] a2AntiMalware   C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
19:15:19.0695 0x1088  a2AntiMalware - ok
19:15:19.0789 0x1088  [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
19:15:19.0887 0x1088  ACPI - ok
         
Code:
ATTFilter
19:15:19.0948 0x1088  [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
19:15:20.0023 0x1088  acpiex - ok
19:15:20.0053 0x1088  [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
19:15:20.0155 0x1088  acpipagr - ok
19:15:20.0197 0x1088  [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
19:15:20.0352 0x1088  AcpiPmi - ok
19:15:20.0376 0x1088  [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
19:15:20.0482 0x1088  acpitime - ok
19:15:20.0597 0x1088  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:15:20.0688 0x1088  AdobeARMservice - ok
19:15:21.0041 0x1088  [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:15:21.0133 0x1088  AdobeFlashPlayerUpdateSvc - ok
19:15:21.0269 0x1088  [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:15:21.0414 0x1088  ADP80XX - ok
19:15:21.0482 0x1088  [ A3D96563BF46FC8A0E5756B796127D14, BAD3C30714F6514D2AF725077A79FF671CC022E415786E1666C0B7C24CE3670A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
19:15:21.0585 0x1088  AFD - ok
19:15:21.0631 0x1088  [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
19:15:21.0695 0x1088  agp440 - ok
19:15:21.0744 0x1088  [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:15:21.0904 0x1088  ahcache - ok
19:15:21.0955 0x1088  [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
19:15:22.0093 0x1088  AJRouter - ok
19:15:22.0153 0x1088  [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG             C:\WINDOWS\System32\alg.exe
19:15:22.0277 0x1088  ALG - ok
19:15:22.0326 0x1088  [ 20F4B8ABC30C1F02B513AFA8FF1AD105, AF556DAAE41A0C01128AFD07419B2352E84865021A641106AE9CD145E9BDFC09 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
19:15:22.0404 0x1088  AMD External Events Utility - ok
19:15:22.0502 0x1088  [ 17DBF2825FFA6D66B1B3C55665721884, AE6369796BB1D586F76AF90F68CD34242F7FD586E8C2183474D154F384881511 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
19:15:22.0768 0x1088  AMD FUEL Service - detected UnsignedFile.Multi.Generic ( 1 )
19:15:25.0169 0x1088  Detect skipped due to KSN trusted
19:15:25.0169 0x1088  AMD FUEL Service - ok
19:15:25.0256 0x1088  [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
19:15:25.0405 0x1088  AmdK8 - ok
19:15:25.0426 0x1088  amdkmdag - ok
19:15:25.0584 0x1088  [ B44E4A2ABBF61755E611A86D3B13B15F, 80D643998FFEC0F3D3A8087151A9B82A3A04A70FFFD05DF98508A1E34470284C ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
19:15:25.0689 0x1088  amdkmdap - ok
19:15:25.0724 0x1088  [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
19:15:25.0828 0x1088  AmdPPM - ok
19:15:25.0866 0x1088  [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
19:15:25.0929 0x1088  amdsata - ok
19:15:25.0981 0x1088  [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
19:15:26.0060 0x1088  amdsbs - ok
19:15:26.0090 0x1088  [ DD2F5BBCFAC4D8E48DB1A95A7EEBFF08, 619E3106072C6F785144D785C4AFB4C607CAF7ED29AAA4A1411BE262E62B7ADE ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
19:15:26.0150 0x1088  amdxata - ok
19:15:26.0208 0x1088  [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7, B8953CC6B833E76F1483EFDB0198F14FA43E530D1A9FEA33260FD2EDB811B230 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
19:15:26.0261 0x1088  amd_sata - ok
19:15:26.0284 0x1088  [ 23726116B4FBCC84FC45B95157C08F5F, BCF1762FFB36D3846628917DC86CF26A83BDFE7D3DE54F8D6B1B1D3AC3E73F02 ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
19:15:26.0339 0x1088  amd_xata - ok
19:15:26.0442 0x1088  [ E4AFE476D9F758514A8A571DF6A24372, A37055A2CDB577CC8B76D4B020924A6C68D94166C1C9A64F7C0E9E16692709FC ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
19:15:26.0662 0x1088  AppHostSvc - ok
19:15:26.0695 0x1088  [ 46AAF119090573A80D603745582229ED, 8D7C4AED66DD32A104965DC23D17C0815CD1BE2E3D52375C1A63863664EE174F ] AppID           C:\WINDOWS\system32\drivers\appid.sys
19:15:26.0763 0x1088  AppID - ok
19:15:26.0819 0x1088  [ 24315B385F515D6D5476757EAFD62633, CE645397BF43CC54B864A0E4FCB86F76C10B9C2D2482E85DBBE15EF7BF045F17 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
19:15:26.0990 0x1088  AppIDSvc - ok
19:15:27.0020 0x1088  [ 2CE396457D5C18F034D243EC7E159010, DDF588A568DF5EAE058DF315535BD746760363E2242EF8C705F8DCBA2D5DA4A7 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
19:15:27.0119 0x1088  Appinfo - ok
19:15:27.0261 0x1088  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:15:27.0312 0x1088  Apple Mobile Device Service - ok
19:15:27.0393 0x1088  [ A8AC0B8ED134888731D1A1BCEF930FA1, 917D2C99CB28C5F20BA386148B6A93541AEF900A9A99D310D732B501322945E5 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
19:15:27.0634 0x1088  AppReadiness - ok
19:15:27.0835 0x1088  [ 43BE4036BC793A48BB0021B0FFF943CF, 233102A2B0D4B0527C6C2894EA5D14D556AD4C00BCFFC4E2B171F8B9DD200BAA ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
19:15:28.0208 0x1088  AppXSvc - ok
19:15:28.0255 0x1088  [ 0756EECAC010BE449D07502DF27E7701, 6A895CA80050D021DB5E130102F626027339A22673B7C15C51A375C0401F03D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
19:15:28.0335 0x1088  arcsas - ok
19:15:28.0489 0x1088  [ BD63768F58666341BE007DAA21B3A063, 1D6112E97042E19E4D916AA22F8AEB7FCC2F36CA45F55049D77042DAF3B8847C ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:15:28.0554 0x1088  aspnet_state - ok
19:15:28.0582 0x1088  [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
19:15:28.0702 0x1088  AsyncMac - ok
19:15:28.0734 0x1088  [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
19:15:28.0794 0x1088  atapi - ok
19:15:28.0899 0x1088  [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:15:29.0447 0x1088  AudioEndpointBuilder - ok
19:15:29.0539 0x1088  [ 6300722E8527EC54D426FD00EE5196B2, 71376BE797E8F3E2E671167DA400239D5289DE7EE56CF29564C98715B9DB1D09 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
19:15:29.0753 0x1088  Audiosrv - ok
19:15:29.0798 0x1088  [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
19:15:29.0908 0x1088  AxInstSV - ok
19:15:29.0969 0x1088  [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
19:15:30.0068 0x1088  b06bdrv - ok
19:15:30.0097 0x1088  [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:15:30.0235 0x1088  BasicDisplay - ok
19:15:30.0279 0x1088  [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
19:15:30.0391 0x1088  BasicRender - ok
19:15:30.0418 0x1088  [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
19:15:30.0469 0x1088  bcmfn2 - ok
19:15:30.0552 0x1088  [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
19:15:30.0723 0x1088  BDESVC - ok
19:15:30.0763 0x1088  [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:15:30.0894 0x1088  Beep - ok
19:15:30.0969 0x1088  [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE             C:\WINDOWS\System32\bfe.dll
19:15:31.0182 0x1088  BFE - ok
19:15:31.0398 0x1088  [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] BITS            C:\WINDOWS\System32\qmgr.dll
19:15:31.0710 0x1088  BITS - ok
19:15:31.0791 0x1088  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:15:31.0864 0x1088  Bonjour Service - ok
19:15:31.0932 0x1088  [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
19:15:32.0070 0x1088  bowser - ok
19:15:32.0137 0x1088  [ 3A4A543F135DE9A06ABA9DF982D79DD7, ABA165435C27BE15D7EBD3E7D023E295CB7AE2A099DF9E253C78EC45EADD75EA ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:15:32.0384 0x1088  BrokerInfrastructure - ok
19:15:32.0460 0x1088  [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser         C:\WINDOWS\System32\browser.dll
19:15:32.0635 0x1088  Browser - ok
19:15:32.0707 0x1088  [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:15:32.0854 0x1088  BthAvrcpTg - ok
19:15:32.0899 0x1088  [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
19:15:33.0180 0x1088  BthHFEnum - ok
19:15:33.0262 0x1088  [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
19:15:33.0351 0x1088  bthhfhid - ok
19:15:33.0438 0x1088  [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
19:15:33.0547 0x1088  BthHFSrv - ok
19:15:33.0579 0x1088  [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
19:15:33.0681 0x1088  BTHMODEM - ok
19:15:33.0720 0x1088  [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv         C:\WINDOWS\system32\bthserv.dll
19:15:33.0839 0x1088  bthserv - ok
19:15:33.0886 0x1088  [ 854AF190F55E6D70EC65A85798F896E2, 6D39F9131BE93F934502BA1DB109E7AD35D3987B636F7B32F9C34823DF25746B ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:15:34.0155 0x1088  buttonconverter - ok
19:15:34.0199 0x1088  [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
19:15:34.0291 0x1088  CapImg - ok
19:15:34.0328 0x1088  [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:15:34.0435 0x1088  cdfs - ok
19:15:34.0511 0x1088  [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
19:15:34.0725 0x1088  CDPSvc - ok
19:15:34.0755 0x1088  [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
19:15:34.0856 0x1088  cdrom - ok
19:15:34.0924 0x1088  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
19:15:35.0040 0x1088  CertPropSvc - ok
19:15:35.0090 0x1088  [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
19:15:35.0219 0x1088  circlass - ok
19:15:35.0310 0x1088  [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
19:15:35.0395 0x1088  CLFS - ok
19:15:35.0505 0x1088  [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
19:15:35.0608 0x1088  ClipSVC - ok
19:15:35.0673 0x1088  [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
19:15:35.0778 0x1088  CmBatt - ok
19:15:35.0859 0x1088  [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
19:15:35.0961 0x1088  CNG - ok
19:15:35.0991 0x1088  [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:15:36.0056 0x1088  cnghwassist - ok
19:15:36.0211 0x1088  [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys
19:15:36.0308 0x1088  CompositeBus - ok
19:15:36.0323 0x1088  COMSysApp - ok
19:15:36.0351 0x1088  [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
19:15:36.0475 0x1088  condrv - ok
19:15:36.0611 0x1088  [ 8AFDD74F2DC5BAD9B2215FB19DB65240, A2BDDA4C77C63D3D8E9F1D397D7B41EC1BF093A6399C14D311D4D230B5F1E093 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:15:36.0730 0x1088  CoreMessagingRegistrar - ok
19:15:36.0797 0x1088  [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
19:15:36.0924 0x1088  CryptSvc - ok
19:15:36.0964 0x1088  [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam             C:\WINDOWS\system32\drivers\dam.sys
19:15:37.0060 0x1088  dam - ok
19:15:37.0170 0x1088  dbupdate - ok
19:15:37.0183 0x1088  dbupdatem - ok
19:15:37.0326 0x1088  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:15:37.0689 0x1088  DcomLaunch - ok
19:15:37.0759 0x1088  [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
19:15:37.0900 0x1088  DcpSvc - ok
19:15:38.0010 0x1088  [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
19:15:38.0168 0x1088  defragsvc - ok
19:15:38.0278 0x1088  [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:15:38.0420 0x1088  DeviceAssociationService - ok
19:15:38.0488 0x1088  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
19:15:38.0619 0x1088  DeviceInstall - ok
19:15:38.0671 0x1088  [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
19:15:38.0817 0x1088  DevQueryBroker - ok
19:15:38.0898 0x1088  [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
19:15:39.0003 0x1088  Dfsc - ok
19:15:39.0081 0x1088  [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
19:15:39.0267 0x1088  Dhcp - ok
19:15:39.0385 0x1088  [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:15:39.0470 0x1088  diagnosticshub.standardcollector.service - ok
19:15:39.0663 0x1088  [ 58395E37ED838B93A56F1D089C2F53CF, 57D167B58DF5B33F7E2A98E1B8B33C8F076D34CA032D22F050AE6F83A48DC8E6 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
19:15:39.0842 0x1088  DiagTrack - ok
19:15:39.0914 0x1088  [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk            C:\WINDOWS\system32\drivers\disk.sys
19:15:39.0989 0x1088  disk - ok
19:15:40.0041 0x1088  [ 43A1B8B43CA4E213E0FD920F2FD6BCBA, 839C6047FD6EA951538209C30C9D8AE68F9B47A58DA151D071C03408250B0ECD ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:15:40.0258 0x1088  DmEnrollmentSvc - ok
19:15:40.0379 0x1088  [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
19:15:40.0532 0x1088  dmvsc - ok
19:15:40.0594 0x1088  [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:15:40.0710 0x1088  dmwappushservice - ok
19:15:40.0798 0x1088  [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:15:40.0908 0x1088  Dnscache - ok
19:15:41.0006 0x1088  [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:15:41.0126 0x1088  dot3svc - ok
19:15:41.0184 0x1088  [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS             C:\WINDOWS\system32\dps.dll
19:15:41.0319 0x1088  DPS - ok
19:15:41.0359 0x1088  [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:15:41.0424 0x1088  drmkaud - ok
19:15:41.0476 0x1088  [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
19:15:41.0602 0x1088  DsmSvc - ok
19:15:41.0666 0x1088  [ D920A8B070A9BA5C9DEFC3BA7C3883B5, 8EA05CDE58930EB16B4B502561AF2DB5229658FDC1948A9A8F249A7402C21398 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
19:15:41.0813 0x1088  DsSvc - ok
19:15:41.0979 0x1088  [ 89C9C3745F270EF93988DA57BC6AA62B, 947886F3121919427BDCB123C6FC28E29CA73D427E92025E1BEAA743D27306D3 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:15:42.0206 0x1088  DXGKrnl - ok
19:15:42.0272 0x1088  [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
19:15:42.0366 0x1088  Eaphost - ok
19:15:42.0619 0x1088  [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
19:15:42.0942 0x1088  ebdrv - ok
19:15:43.0006 0x1088  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS             C:\WINDOWS\System32\lsass.exe
19:15:43.0111 0x1088  EFS - ok
19:15:43.0166 0x1088  [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
19:15:43.0235 0x1088  EhStorClass - ok
19:15:43.0266 0x1088  [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:15:43.0338 0x1088  EhStorTcgDrv - ok
19:15:43.0398 0x1088  [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
19:15:43.0522 0x1088  embeddedmode - ok
19:15:43.0589 0x1088  [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:15:43.0764 0x1088  EntAppSvc - ok
19:15:43.0811 0x1088  [ CA4ADE6C3929B70317BFDDF9ABBFE0CE, 824F3D26FDFBA38A5191C78E68379D48C915FB6F82BD353A1D5416537F8A0A42 ] epp64           C:\WINDOWS\system32\DRIVERS\epp64.sys
19:15:43.0874 0x1088  epp64 - ok
19:15:43.0901 0x1088  [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
19:15:44.0020 0x1088  ErrDev - ok
19:15:44.0138 0x1088  [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem     C:\WINDOWS\system32\es.dll
19:15:44.0307 0x1088  EventSystem - ok
19:15:44.0372 0x1088  [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
19:15:44.0532 0x1088  exfat - ok
19:15:44.0583 0x1088  [ 5A1C6AFFF6946C5C21A27AE05084C0D1, 558CB87E596E85182F6976F215EE0E35F57BF901409A2805E6A3C29D8984B048 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
19:15:44.0666 0x1088  fastfat - ok
19:15:44.0787 0x1088  [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:15:44.0990 0x1088  Fax - ok
19:15:45.0046 0x1088  [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc           C:\WINDOWS\System32\drivers\fcvsc.sys
19:15:45.0137 0x1088  fcvsc - ok
19:15:45.0165 0x1088  [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
19:15:45.0250 0x1088  fdc - ok
19:15:45.0293 0x1088  [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
19:15:45.0422 0x1088  fdPHost - ok
19:15:45.0444 0x1088  [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
19:15:45.0545 0x1088  FDResPub - ok
19:15:45.0578 0x1088  [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
19:15:45.0685 0x1088  fhsvc - ok
19:15:45.0730 0x1088  [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
19:15:45.0810 0x1088  FileCrypt - ok
19:15:45.0859 0x1088  [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
19:15:45.0937 0x1088  FileInfo - ok
19:15:45.0971 0x1088  [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
19:15:46.0080 0x1088  Filetrace - ok
19:15:46.0111 0x1088  [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
19:15:46.0185 0x1088  flpydisk - ok
19:15:46.0239 0x1088  [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:15:46.0343 0x1088  FltMgr - ok
19:15:46.0491 0x1088  [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache       C:\WINDOWS\system32\FntCache.dll
19:15:47.0090 0x1088  FontCache - ok
19:15:47.0170 0x1088  [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:15:47.0257 0x1088  FontCache3.0.0.0 - ok
19:15:47.0304 0x1088  [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
19:15:47.0374 0x1088  FsDepends - ok
19:15:47.0401 0x1088  [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:15:47.0469 0x1088  Fs_Rec - ok
19:15:47.0539 0x1088  [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:15:47.0651 0x1088  fvevol - ok
19:15:47.0711 0x1088  [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
19:15:47.0780 0x1088  gagp30kx - ok
19:15:47.0851 0x1088  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:15:47.0911 0x1088  GamesAppService - ok
19:15:47.0964 0x1088  [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
19:15:48.0109 0x1088  gencounter - ok
19:15:48.0149 0x1088  [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
19:15:48.0258 0x1088  genericusbfn - ok
19:15:48.0319 0x1088  [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:15:48.0392 0x1088  GPIOClx0101 - ok
19:15:48.0610 0x1088  [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
19:15:48.0848 0x1088  gpsvc - ok
19:15:48.0902 0x1088  [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:15:49.0020 0x1088  GpuEnergyDrv - ok
19:15:49.0068 0x1088  [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
19:15:49.0154 0x1088  HDAudBus - ok
19:15:49.0183 0x1088  [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
19:15:49.0279 0x1088  HidBatt - ok
19:15:49.0316 0x1088  [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
19:15:49.0446 0x1088  HidBth - ok
19:15:49.0494 0x1088  [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
19:15:49.0617 0x1088  hidi2c - ok
19:15:49.0671 0x1088  [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:15:49.0738 0x1088  hidinterrupt - ok
19:15:49.0770 0x1088  [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
19:15:49.0863 0x1088  HidIr - ok
19:15:49.0914 0x1088  [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv         C:\WINDOWS\system32\hidserv.dll
19:15:50.0018 0x1088  hidserv - ok
19:15:50.0050 0x1088  [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
19:15:50.0186 0x1088  HidUsb - ok
19:15:50.0254 0x1088  [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:15:50.0399 0x1088  HomeGroupListener - ok
19:15:50.0472 0x1088  [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:15:50.0603 0x1088  HomeGroupProvider - ok
19:15:50.0706 0x1088  [ 6A181452D4E240B8ECC7614B9A19BDE9, 3E458A737DA597DF007D278E9D81F2BF259AB4B97A4C188CEDAEA1F144B1074F ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:15:50.0937 0x1088  HPClientSvc - ok
19:15:50.0989 0x1088  [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
19:15:51.0051 0x1088  HpSAMD - ok
19:15:51.0188 0x1088  [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
19:15:51.0321 0x1088  HTTP - ok
19:15:51.0356 0x1088  [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
19:15:51.0429 0x1088  hwpolicy - ok
19:15:51.0474 0x1088  [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
19:15:51.0566 0x1088  hyperkbd - ok
19:15:51.0603 0x1088  [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
19:15:51.0693 0x1088  HyperVideo - ok
19:15:51.0755 0x1088  [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
19:15:51.0883 0x1088  i8042prt - ok
19:15:51.0926 0x1088  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:15:51.0999 0x1088  iaLPSSi_GPIO - ok
19:15:52.0037 0x1088  [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:15:52.0109 0x1088  iaLPSSi_I2C - ok
19:15:52.0190 0x1088  [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
19:15:52.0299 0x1088  iaStorAV - ok
         
Code:
ATTFilter
19:15:52.0394 0x1088  [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
19:15:52.0495 0x1088  iaStorV - ok
19:15:52.0556 0x1088  [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
19:15:52.0647 0x1088  ibbus - ok
19:15:52.0702 0x1088  [ 88E6A429944544346EC3AE1FD7D24BCC, B6B8D51E5491C91D2FCDC77C1D82A5168B0C860252208E1B4612D8D5C19401AD ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
19:15:52.0926 0x1088  icssvc - ok
19:15:52.0965 0x1088  IEEtwCollectorService - ok
19:15:53.0136 0x1088  [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
19:15:53.0348 0x1088  IKEEXT - ok
19:15:53.0880 0x1088  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:15:54.0240 0x1088  IntcAzAudAddService - ok
19:15:54.0294 0x1088  [ 498759139F71142888CF7EFA1ABE18C8, 9CD0CD748B143F947B4DEDE39344A8C284717CC8AC97E25827EB73CF10831419 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
19:15:54.0353 0x1088  intelide - ok
19:15:54.0390 0x1088  [ DC270DDCDDC2EF65D484A65CC5166222, A88BEAD819ABEFE28B6F9A10586ADCB0EE2A5ED9273F176E9313750609C7892F ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
19:15:54.0452 0x1088  intelpep - ok
19:15:54.0494 0x1088  [ B4D9C777762B1F7356958B9C0AA93BEB, F11B07FE939A107AB4EED4857854DF269C2D86A80C8507C8B1E95F7805975EDB ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
19:15:54.0613 0x1088  intelppm - ok
19:15:54.0666 0x1088  [ 22BD83268B80A8C89AAC0BDF46E4EB5D, E7DC0C2E4104B51EA545BA8D0CFF11FD6A15BFD8EE16E546E8FC220853402CB3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
19:15:54.0797 0x1088  IoQos - ok
19:15:54.0875 0x1088  [ A49E47A6E1429123F46A7CA9C05AEFC1, FFD68CA46DFAA4954FD76145808E2C74BDC34FFD6979BB3FB6A3EE4DC33CDC78 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:15:55.0052 0x1088  IpFilterDriver - ok
19:15:55.0231 0x1088  [ 8FBA61B7CB44F136226BE3B346FC6D19, 2190A523AC948B18C2C7B6DC96ABB654DAB471AD5E5E13F79899416E91777AED ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
19:15:55.0427 0x1088  iphlpsvc - ok
19:15:55.0467 0x1088  [ E0C276985AF968CE295B8E09C121321F, 07B54165E80D4254C29A6CF00CC634E70F190EF0EB8EEF73EC14F38B841087A5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:15:55.0607 0x1088  IPMIDRV - ok
19:15:55.0679 0x1088  [ 5D3744E6FDEC1A6FB3FA9B1DD4AF0694, 209BE9FC25C8BF8CE058B7E993B6A902B881380DADC69F5208733077DA7F4382 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
19:15:55.0769 0x1088  IPNAT - ok
19:15:55.0944 0x1088  [ 043A93A498B3C4A88CACA3BCBC9B54C7, C08C5A03940806C6CB75ADDCBE6183145AD2AFE84D77BC85E620E7C1542F0893 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:15:56.0028 0x1088  iPod Service - ok
19:15:56.0137 0x1088  [ B18202D72C0EF4B53CEC6F59E3E1B955, 6DA244E6485372C16CF0B38838DC90B48079A85F5D22B0F2F197C8DA37F0A293 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
19:15:56.0236 0x1088  IRENUM - ok
19:15:56.0272 0x1088  [ CD04CBCCCB4C0E4BB06B98E0F45C888A, 106B3E823C188BD14328F2BEA28559D2F637C270064B2FD214522FAC4E616F4C ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
19:15:56.0333 0x1088  isapnp - ok
19:15:56.0441 0x1088  [ 5D90E942C94B20E0F321015C0ABF3EEA, 4110551B172D4A5524DD857D7CB65FAF2594310BE7883D5641BC0DF5EF49C82C ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
19:15:56.0541 0x1088  iScsiPrt - ok
19:15:56.0617 0x1088  [ 4192DFE6CA143C0AD8AF42C51A82BECA, 31FB3A261D0D5241CC87EF7DFF8BFC1A1EACE8CEC42138918EC5958DAEE100CD ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
19:15:56.0681 0x1088  kbdclass - ok
19:15:56.0721 0x1088  [ B63C0DB341DCB46CF7AA259333A737DD, F1B43BA68707F3F99CD31AB2035F5E86CD967AE4E5393928C69861785E960872 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
19:15:56.0829 0x1088  kbdhid - ok
19:15:56.0856 0x1088  [ 53C79A7FABDAAFD11EAB31963FB2CED7, 357418645DDCEFA5546AE78EDCAE86D50928710CA7A3F65F01CF721AADA36623 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
19:15:56.0991 0x1088  kdnic - ok
19:15:57.0039 0x1088  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] KeyIso          C:\WINDOWS\system32\lsass.exe
19:15:57.0102 0x1088  KeyIso - ok
19:15:57.0142 0x1088  [ 1E99B26BDB9B9C9BC775ED4543558560, 890870A6737B4910735D1B23F714AA73FCCD1C131D135FACBA6909F06D31B3FF ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
19:15:57.0212 0x1088  KSecDD - ok
19:15:57.0285 0x1088  [ 6198A79011C67497B324798B3D4272CE, C587F7D86837550D07918F6AACF26BF65EBAF7FF57475DC9196B4D011E83AE47 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:15:57.0357 0x1088  KSecPkg - ok
19:15:57.0382 0x1088  [ 503597D9B72DBD9998F722F12A51ACFC, 9B3585282191163AA70243BAD921ED8725A98454E0D3879E0F671E0E4F56AB4F ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
19:15:57.0474 0x1088  ksthunk - ok
19:15:57.0543 0x1088  [ ED5AE20C27F27F293C6C61AEC9881054, 4D5BE394D129BD559B0A9D237F3F59CB3D24C15ABDD97AE2E64931D6B9D14FF1 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
19:15:57.0702 0x1088  KtmRm - ok
19:15:57.0790 0x1088  [ C529DA0AD5A21878E318801B024AF8E7, A14E8ADCA33C37B1D256CB4926A19F56D2D19B94EDF314A4ED34A8B5AB62CA5A ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
19:15:57.0922 0x1088  LanmanServer - ok
19:15:58.0018 0x1088  [ D6D9F4CAFD3F1A7E30AD02E508552CD2, F0D225E5951CFE1D8349F634CC91BDD5B3F9DCF6233CCB965E99BFEAFE642265 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:15:58.0139 0x1088  LanmanWorkstation - ok
19:15:58.0208 0x1088  [ 24881F16D2829764681F5FAE7B86D7D3, 290348CFAF3165847E4B53965D22E9D417EE20FFD23293B5C1855C57E6328599 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
19:15:58.0335 0x1088  lfsvc - ok
19:15:58.0391 0x1088  [ 6ED675774BDC3735AB6DA12D29F825CF, 4317C7CF491F4E806975E7A973CFF11CFEE9E94730DDABCC67C3D693691DDDE5 ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
19:15:58.0496 0x1088  LicenseManager - ok
19:15:58.0590 0x1088  [ DB789F57CE94C827FBFF709CA5ABD29E, 4CA4DD079A63649C36F76A31C4081F11F5CF6574AC573B63EF930DB19B1D1C95 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
19:15:58.0685 0x1088  lltdio - ok
19:15:58.0769 0x1088  [ FECBC6C4981772E5D0F517B34A5496EE, 15DB097BFB221B91E580E5CD1DD6B34A9A2C78A1A6FCE4162A855BB4AFE673E9 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
19:15:58.0880 0x1088  lltdsvc - ok
19:15:58.0946 0x1088  [ 24C87BDC66AB192FEB273BEE5FD5AA38, BFAAE1F2450DEBD1A14877C046C6EBA91014DB0B5D0FB95EC14CB714B773B3C0 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
19:15:59.0067 0x1088  lmhosts - ok
19:15:59.0147 0x1088  [ 3BB39166E446D456C277C17DFEA3DAC6, 1A08E1D017BBCE91E508D876835FA7AD2DA0859A8CFE8F8F31B4F12B48E2573D ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
19:15:59.0230 0x1088  LSI_SAS - ok
19:15:59.0276 0x1088  [ 25CF625E46307A5D6674C8DFA1A289AA, 1D00EB70B6B0157013A7C15EF194F51B8596612066EF31B337D8134D6BD0BBBE ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:15:59.0344 0x1088  LSI_SAS2i - ok
19:15:59.0391 0x1088  [ 722C52B12EA4C198D56994934C9DDAB6, 5F4AB818251C770821BAF41C19B1C483A31CCC28EB96F2084D4092E33EAF906B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:15:59.0455 0x1088  LSI_SAS3i - ok
19:15:59.0503 0x1088  [ 3371FF1D5D745C3306C6A2C4E99C25A9, DD6F0099001501BAEDDF8411FBCD930BD6472662D209199249203CB2FDAA23FB ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
19:15:59.0566 0x1088  LSI_SSS - ok
19:15:59.0675 0x1088  [ E2EEF074F5260378F9AAFBCD592319A3, DC56674A08FA03FA7AF7DD8B3CC55D8324D1CB51546092A990A935FF9AB48A3C ] LSM             C:\WINDOWS\System32\lsm.dll
19:15:59.0866 0x1088  LSM - ok
19:15:59.0914 0x1088  [ C692B9C0352315417CF49FFA664957A3, C2D4F9A936B809889F7C51FE48214A1923175913A6C5D0B72D3BA469214B5174 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
19:16:00.0039 0x1088  luafv - ok
19:16:00.0087 0x1088  [ C06234DCDB1BFC0CF7E25CFAC5B7F5FE, 149A3880E1D58CC0768A174DF4E884F3A4432F935D134B5AE536B7020788F5D5 ] ManyCam         C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
19:16:00.0139 0x1088  ManyCam - ok
19:16:00.0202 0x1088  [ 6A4C75FD28F60062FEA3DF3B15D956C0, 4FC58F3320D33BDACCF759A50C623A3E58E4320749E6691B397DF0C8EAAA8A6F ] MapsBroker      C:\WINDOWS\System32\moshost.dll
19:16:00.0501 0x1088  MapsBroker - ok
19:16:00.0553 0x1088  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:16:00.0603 0x1088  MBAMProtector - ok
19:16:00.0777 0x1088  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
19:16:00.0898 0x1088  MBAMService - ok
19:16:00.0933 0x1088  [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:16:01.0004 0x1088  MBAMWebAccessControl - ok
19:16:01.0040 0x1088  [ 88B3BADFB02BE4471655EAF88DDC7EBD, F38D69B80A7670F85A9692A01D2D71A54BB413346C3523726E59D1282D349B83 ] mcaudrv_simple  C:\WINDOWS\system32\drivers\mcaudrv_x64.sys
19:16:01.0102 0x1088  mcaudrv_simple - ok
19:16:01.0227 0x1088  [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
19:16:01.0321 0x1088  McComponentHostService - ok
19:16:01.0383 0x1088  [ B2ED9A7A5587A128A0EFD0DBE7662E95, 63070AAFD44E3CD2A4B262DF27222B103455A4D8C2E45914502BFA03D84D32C9 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
19:16:01.0446 0x1088  megasas - ok
19:16:01.0555 0x1088  [ 083F71488E6780A67290273180256EA5, 5F43CE66F5A48850BABB70F4D219FDD002F9BC2B2F0E58E66FE2C492AA335E50 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
19:16:01.0665 0x1088  megasr - ok
19:16:01.0774 0x1088  [ 5907A10D46747A2B6DBFD6A198254DC2, 6C283E9DC75C7ABFD270D6FABBF4F54628A1786E7CE2F603BF664CBB9E4FE583 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:16:01.0883 0x1088  mlx4_bus - ok
19:16:01.0946 0x1088  [ 91ED6F0EDF4158D63C52194F17D4F42E, ACF543978E253650C167C6C370699AEA7340EBCECF7CAB904CBDD334D1BD6928 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
19:16:02.0071 0x1088  MMCSS - ok
19:16:02.0118 0x1088  [ 2C4CC9F6ADBED5A6D131FDB97A78FF68, 04DC76E3F0959C0A9B00DF2133B075194FB7DCBD76832B9D25B0E37223D300DC ] Modem           C:\WINDOWS\system32\drivers\modem.sys
19:16:02.0196 0x1088  Modem - ok
19:16:02.0259 0x1088  [ D8DB13529C8AD6FBAF8E2F382024374F, 13025035C479E2EF76EDCB90D83BE65B4ADD9F7000AD31FEAD628D5DDFE69158 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
19:16:02.0384 0x1088  monitor - ok
19:16:02.0415 0x1088  [ 2DAAF1EE1C30F2FCF59851A64ADA0422, 08CD801E63E2862DE058CD732C3DB3D87B1A2898732365440E3F8919932E96FC ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
19:16:02.0478 0x1088  mouclass - ok
19:16:02.0525 0x1088  [ D30FE074503283829ED194BCAE6239C3, A3A127381ECC798417D01F6B8A1894EED7D71989047BC4D1D74D0E7C8394AD65 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
19:16:02.0618 0x1088  mouhid - ok
19:16:02.0681 0x1088  [ D5EC9413527B286CFEEB0294C53ABB95, B094C611F5A7E33D2F8667B2A4D6260E1D57BD135867F984EE5B674C7EE72B95 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
19:16:02.0848 0x1088  mountmgr - ok
19:16:02.0918 0x1088  [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:16:02.0983 0x1088  MozillaMaintenance - ok
19:16:03.0026 0x1088  [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
19:16:03.0564 0x1088  mpsdrv - ok
19:16:03.0662 0x1088  [ A0DBB9386BEA8DA1A159C2A2E07081A3, 9D3F26005A76A72F9512F040D45C16124D17F8C8DA45C51FFAF74F066357D0A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
19:16:04.0070 0x1088  MpsSvc - ok
19:16:04.0152 0x1088  [ 5B37FDC07159FE9F5F52399F7D78F60B, A0C20EB9A7918395A13A5E21917887DDC9897C475D33091B518354163CAE108A ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
19:16:04.0319 0x1088  MQAC - ok
19:16:04.0381 0x1088  [ C1E74DD1D84861D8F12FF8BC0BA11975, 5912A0455C840F5C8AD6383823C9C7DE6FF8B5CAF1B72EA181864999891EAF30 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
19:16:04.0490 0x1088  MRxDAV - ok
19:16:04.0569 0x1088  [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:16:04.0694 0x1088  mrxsmb - ok
19:16:04.0756 0x1088  [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:16:04.0881 0x1088  mrxsmb10 - ok
19:16:04.0944 0x1088  [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:16:05.0037 0x1088  mrxsmb20 - ok
19:16:05.0084 0x1088  [ 6F8BE4FB6262012E61BBADB5444628DC, E87489207AA48106C08E4BADDD8D66D14BC9DD6AD2A4CDD880BA655932CDDE60 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
19:16:05.0194 0x1088  MsBridge - ok
19:16:05.0272 0x1088  [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:16:05.0381 0x1088  MSDTC - ok
19:16:05.0459 0x1088  [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:16:05.0537 0x1088  Msfs - ok
19:16:05.0616 0x1088  [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:16:05.0678 0x1088  msgpiowin32 - ok
19:16:05.0725 0x1088  [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:16:05.0819 0x1088  mshidkmdf - ok
19:16:05.0881 0x1088  [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
19:16:05.0975 0x1088  mshidumdf - ok
19:16:06.0006 0x1088  [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
19:16:06.0069 0x1088  msisadrv - ok
19:16:06.0131 0x1088  [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
19:16:06.0241 0x1088  MSiSCSI - ok
19:16:06.0272 0x1088  msiserver - ok
19:16:06.0335 0x1088  [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:16:06.0413 0x1088  MSKSSRV - ok
19:16:06.0506 0x1088  [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
19:16:06.0585 0x1088  MsLldp - ok
19:16:06.0647 0x1088  [ 85EBF0A28B8B132B67C84C6CE5EBAC29, D0012CF4822A3D16F7BF61C94C5650DC1ED310A0DD1A3333465D28C73D40ECDB ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
19:16:06.0741 0x1088  MSMQ - ok
19:16:06.0772 0x1088  [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:16:06.0850 0x1088  MSPCLOCK - ok
19:16:06.0897 0x1088  [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:16:06.0975 0x1088  MSPQM - ok
19:16:07.0038 0x1088  [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
19:16:07.0116 0x1088  MsRPC - ok
19:16:07.0210 0x1088  [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
19:16:07.0288 0x1088  mssmbios - ok
19:16:07.0319 0x1088  [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:16:07.0413 0x1088  MSTEE - ok
19:16:07.0460 0x1088  [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
19:16:07.0538 0x1088  MTConfig - ok
19:16:07.0600 0x1088  [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
19:16:07.0663 0x1088  Mup - ok
19:16:07.0710 0x1088  [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
19:16:07.0772 0x1088  mvumis - ok
19:16:07.0913 0x1088  [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:16:08.0225 0x1088  NativeWifiP - ok
19:16:08.0288 0x1088  [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
19:16:08.0428 0x1088  NcaSvc - ok
19:16:08.0491 0x1088  [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
19:16:08.0694 0x1088  NcbService - ok
19:16:08.0725 0x1088  [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
19:16:08.0866 0x1088  NcdAutoSetup - ok
19:16:08.0944 0x1088  [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
19:16:09.0007 0x1088  ndfltr - ok
19:16:09.0148 0x1088  [ 616F40B897DA651221F86A1741E9609B, 22D66029726313D92FC8E074BCC51C1E1560CB5FE36DCB735E7E063EA53E299A ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
19:16:09.0288 0x1088  NDIS - ok
19:16:09.0335 0x1088  [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
19:16:09.0460 0x1088  NdisCap - ok
19:16:09.0507 0x1088  [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:16:09.0616 0x1088  NdisImPlatform - ok
19:16:09.0679 0x1088  [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:16:09.0773 0x1088  NdisTapi - ok
19:16:09.0820 0x1088  [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
19:16:09.0913 0x1088  Ndisuio - ok
19:16:09.0976 0x1088  [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:16:10.0054 0x1088  NdisVirtualBus - ok
19:16:10.0117 0x1088  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
19:16:10.0226 0x1088  NdisWan - ok
19:16:10.0273 0x1088  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:16:10.0351 0x1088  ndiswanlegacy - ok
19:16:10.0414 0x1088  [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:16:10.0507 0x1088  ndproxy - ok
19:16:10.0585 0x1088  [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
19:16:10.0742 0x1088  Ndu - ok
19:16:10.0788 0x1088  [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
19:16:10.0851 0x1088  NetBIOS - ok
19:16:10.0945 0x1088  [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:16:11.0070 0x1088  NetBT - ok
19:16:11.0117 0x1088  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:16:11.0195 0x1088  Netlogon - ok
19:16:11.0273 0x1088  [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman          C:\WINDOWS\System32\netman.dll
19:16:11.0383 0x1088  Netman - ok
19:16:11.0492 0x1088  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:16:11.0586 0x1088  NetMsmqActivator - ok
19:16:11.0633 0x1088  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:16:11.0679 0x1088  NetPipeActivator - ok
19:16:11.0773 0x1088  [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
19:16:11.0898 0x1088  netprofm - ok
19:16:11.0976 0x1088  [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
19:16:12.0195 0x1088  NetSetupSvc - ok
19:16:12.0258 0x1088  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:16:12.0336 0x1088  NetTcpActivator - ok
19:16:12.0367 0x1088  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:16:12.0429 0x1088  NetTcpPortSharing - ok
19:16:12.0492 0x1088  [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
19:16:12.0586 0x1088  netvsc - ok
19:16:12.0758 0x1088  [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
19:16:12.0898 0x1088  NgcCtnrSvc - ok
19:16:12.0945 0x1088  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc          C:\WINDOWS\system32\lsass.exe
19:16:13.0008 0x1088  NgcSvc - ok
19:16:13.0101 0x1088  [ EA1C2DAB8A63712B94897A58557B086C, 98DD7E5C84F3CDF2DAA89484892D6B439F5D14297B5243436925BEEAA0C02EE1 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
19:16:13.0321 0x1088  NlaSvc - ok
19:16:13.0400 0x1088  [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:16:13.0493 0x1088  Npfs - ok
19:16:13.0556 0x1088  [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
19:16:13.0665 0x1088  npsvctrig - ok
19:16:13.0743 0x1088  [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi             C:\WINDOWS\system32\nsisvc.dll
19:16:13.0853 0x1088  nsi - ok
19:16:13.0884 0x1088  [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
19:16:13.0978 0x1088  nsiproxy - ok
19:16:14.0228 0x1088  [ 466EC5659C02ED53DBD47DC1BC2B8086, 1F35DE75386F7D029C01D67B09D5E5157141C6892858885C11972CE73D6078AC ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
19:16:14.0457 0x1088  NTFS - ok
19:16:14.0521 0x1088  [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:16:14.0646 0x1088  Null - ok
19:16:14.0709 0x1088  [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
19:16:14.0787 0x1088  nvraid - ok
19:16:14.0834 0x1088  [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
19:16:14.0909 0x1088  nvstor - ok
19:16:14.0955 0x1088  [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
19:16:15.0026 0x1088  nv_agp - ok
19:16:15.0162 0x1088  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:16:15.0303 0x1088  odserv - ok
19:16:15.0381 0x1088  [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
19:16:15.0506 0x1088  OneSyncSvc - ok
19:16:15.0615 0x1088  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:16:15.0693 0x1088  ose - ok
19:16:15.0787 0x1088  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
19:16:15.0943 0x1088  p2pimsvc - ok
19:16:16.0021 0x1088  [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
19:16:16.0162 0x1088  p2psvc - ok
19:16:16.0241 0x1088  [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
19:16:16.0350 0x1088  Parport - ok
19:16:16.0397 0x1088  [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
19:16:16.0475 0x1088  partmgr - ok
19:16:16.0569 0x1088  [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
19:16:16.0663 0x1088  PcaSvc - ok
19:16:16.0804 0x1088  [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci             C:\WINDOWS\system32\drivers\pci.sys
19:16:16.0897 0x1088  pci - ok
19:16:16.0960 0x1088  [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
19:16:17.0022 0x1088  pciide - ok
19:16:17.0069 0x1088  [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
19:16:17.0147 0x1088  pcmcia - ok
19:16:17.0179 0x1088  [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
19:16:17.0241 0x1088  pcw - ok
19:16:17.0304 0x1088  [ 70469C8AC4AD367295E70CFDD81B754C, 3EC6FD742C7C60363939E5343477810D751D91D32A2F24285976C08A7C4477AB ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
19:16:17.0382 0x1088  pdc - ok
19:16:17.0429 0x1088  pdfcDispatcher - ok
19:16:17.0600 0x1088  [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
19:16:17.0766 0x1088  PEAUTH - ok
19:16:17.0837 0x1088  [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
19:16:17.0915 0x1088  percsas2i - ok
19:16:17.0946 0x1088  [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
19:16:18.0025 0x1088  percsas3i - ok
19:16:18.0306 0x1088  [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
19:16:18.0853 0x1088  PerfHost - ok
19:16:19.0118 0x1088  [ 839BD56425530973FF3F6F7C0057CD22, 9BADF39BC4628409CFCD5F1300C6040C49B2ED72D0FA389C6BB042E5B17E1A40 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:16:19.0385 0x1088  PimIndexMaintenanceSvc - ok
19:16:19.0682 0x1088  [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla             C:\WINDOWS\system32\pla.dll
19:16:19.0963 0x1088  pla - ok
19:16:20.0041 0x1088  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
19:16:20.0135 0x1088  PlugPlay - ok
19:16:20.0213 0x1088  [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
19:16:20.0291 0x1088  PNRPAutoReg - ok
19:16:20.0369 0x1088  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
19:16:20.0478 0x1088  PNRPsvc - ok
19:16:20.0557 0x1088  [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
19:16:20.0682 0x1088  PolicyAgent - ok
19:16:20.0775 0x1088  [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power           C:\WINDOWS\system32\umpo.dll
19:16:20.0869 0x1088  Power - ok
19:16:20.0947 0x1088  [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
19:16:21.0041 0x1088  PptpMiniport - ok
19:16:21.0526 0x1088  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:16:22.0745 0x1088  PrintNotify - ok
19:16:22.0823 0x1088  [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
19:16:22.0901 0x1088  Processor - ok
19:16:23.0089 0x1088  [ 27D0B024BB356C6BEB1214B61E47DE02, 8CBDD62E243CC652F2197AE83DEDD21D91D2792558A6D7D1CC680B37607DEF4B ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
19:16:23.0215 0x1088  ProfSvc - ok
19:16:23.0293 0x1088  [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
19:16:23.0356 0x1088  Psched - ok
19:16:23.0543 0x1088  [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE           C:\WINDOWS\system32\qwave.dll
19:16:23.0700 0x1088  QWAVE - ok
19:16:23.0794 0x1088  [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
19:16:23.0903 0x1088  QWAVEdrv - ok
19:16:23.0965 0x1088  [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:16:24.0090 0x1088  RasAcd - ok
19:16:24.0153 0x1088  [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
19:16:24.0262 0x1088  RasAgileVpn - ok
19:16:24.0325 0x1088  [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:16:24.0434 0x1088  RasAuto - ok
19:16:24.0497 0x1088  [ CA60F6C03611AF1710BC903ED9F566FB, B5C9E8BAC631738761E11168AB68EB1ECC5EC96BF9A8248B9127DCF744CA4691 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
19:16:24.0606 0x1088  Rasl2tp - ok
19:16:24.0809 0x1088  [ 586A17C10D417D889F1FF7D8636E2F34, EEDA4EE8D2BC5C8C7756AB79F1F19AF8B1C4057996748FAE4E3F37844DB0EB33 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:16:24.0997 0x1088  RasMan - ok
19:16:25.0059 0x1088  [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
19:16:25.0153 0x1088  RasPppoe - ok
19:16:25.0219 0x1088  [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
19:16:25.0329 0x1088  RasSstp - ok
19:16:25.0422 0x1088  [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:16:25.0594 0x1088  rdbss - ok
19:16:25.0688 0x1088  [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
19:16:25.0876 0x1088  rdpbus - ok
19:16:25.0938 0x1088  [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
19:16:26.0032 0x1088  RDPDR - ok
19:16:26.0157 0x1088  [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:16:26.0235 0x1088  RdpVideoMiniport - ok
19:16:26.0329 0x1088  [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
19:16:26.0422 0x1088  rdyboost - ok
19:16:26.0672 0x1088  [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
19:16:26.0876 0x1088  ReFSv1 - ok
19:16:27.0063 0x1088  [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:16:27.0252 0x1088  RemoteAccess - ok
19:16:27.0330 0x1088  [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:16:27.0455 0x1088  RemoteRegistry - ok
19:16:27.0627 0x1088  [ DF84555A734BA2BDA55BCCCC47095ADD, 639814A7F5B758792FE6D84E3FF312F9CE9DACB21B93EA43394DC7A04526CB81 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
19:16:27.0924 0x1088  RetailDemo - ok
19:16:27.0987 0x1088  [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
19:16:28.0065 0x1088  RpcEptMapper - ok
19:16:28.0174 0x1088  [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:16:28.0283 0x1088  RpcLocator - ok
19:16:28.0393 0x1088  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
19:16:28.0565 0x1088  RpcSs - ok
19:16:28.0658 0x1088  [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
19:16:28.0768 0x1088  rspndr - ok
19:16:28.0862 0x1088  [ 179E6BCF8D16AD39C137CB4FCFE015C5, A1DF499AA378BDB1CB7F95ACC0C7D6929358AF4596A47FDEDFAE115461563CD5 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
19:16:29.0018 0x1088  rt640x64 - ok
19:16:29.0252 0x1088  [ 347E3CE270009E4C71B26E71ACF98106, E20ACC50C2B4B3FDB28A8FA144EBA02E835873123315FDB5A2C87CBAD95218F6 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
19:16:29.0346 0x1088  RtkAudioService - ok
19:16:29.0424 0x1088  [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
19:16:29.0502 0x1088  s3cap - ok
19:16:29.0549 0x1088  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:16:29.0612 0x1088  SamSs - ok
19:16:29.0690 0x1088  [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
19:16:29.0768 0x1088  sbp2port - ok
19:16:29.0846 0x1088  [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
19:16:29.0955 0x1088  SCardSvr - ok
19:16:30.0033 0x1088  [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
19:16:30.0143 0x1088  ScDeviceEnum - ok
19:16:30.0222 0x1088  [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:16:30.0331 0x1088  scfilter - ok
19:16:30.0550 0x1088  [ 1BFAC03B6422E878EFCDA934BF4C4823, 0BA537A4B9E8020E6B709A44F1382DB3B41CEF631B847201F812152FEB303CD3 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:16:30.0847 0x1088  Schedule - ok
19:16:30.0956 0x1088  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
19:16:31.0050 0x1088  SCPolicySvc - ok
19:16:31.0128 0x1088  [ 004C66464D8FE76D5DA78BE6777D61AF, 58B5C436798EEBBE7081D54B55B70DEB15331856802CD45E3FF8BDE794F06A27 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
19:16:31.0222 0x1088  sdbus - ok
19:16:31.0300 0x1088  [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
19:16:31.0425 0x1088  SDRSVC - ok
19:16:31.0503 0x1088  [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
19:16:31.0581 0x1088  sdstor - ok
19:16:31.0659 0x1088  [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon        C:\WINDOWS\system32\seclogon.dll
19:16:31.0814 0x1088  seclogon - ok
19:16:31.0877 0x1088  [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS            C:\WINDOWS\System32\sens.dll
19:16:32.0002 0x1088  SENS - ok
19:16:32.0183 0x1088  [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:16:32.0576 0x17ac  Object required for P2P: [ 6300722E8527EC54D426FD00EE5196B2 ] Audiosrv
19:16:32.0763 0x1088  SensorDataService - ok
19:16:32.0888 0x1088  [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService   C:\WINDOWS\system32\SensorService.dll
19:16:33.0154 0x1088  SensorService - ok
19:16:33.0232 0x1088  [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
19:16:33.0368 0x1088  SensrSvc - ok
19:16:33.0446 0x1088  [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
19:16:33.0509 0x1088  SerCx - ok
19:16:33.0572 0x1088  [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
19:16:33.0650 0x1088  SerCx2 - ok
19:16:33.0697 0x1088  [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
19:16:33.0790 0x1088  Serenum - ok
19:16:33.0853 0x1088  [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial          C:\WINDOWS\System32\drivers\serial.sys
19:16:33.0947 0x1088  Serial - ok
19:16:33.0994 0x1088  [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
19:16:34.0103 0x1088  sermouse - ok
19:16:34.0291 0x1088  [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
19:16:34.0432 0x1088  SessionEnv - ok
19:16:34.0573 0x1088  [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
19:16:34.0651 0x1088  sfloppy - ok
19:16:34.0838 0x1088  [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:16:34.0979 0x1088  SharedAccess - ok
19:16:35.0057 0x17ac  Object send P2P result: true
19:16:35.0104 0x1088  [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:16:35.0285 0x1088  ShellHWDetection - ok
19:16:35.0341 0x1088  [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:16:35.0411 0x1088  SiSRaid2 - ok
19:16:35.0455 0x1088  [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
19:16:35.0523 0x1088  SiSRaid4 - ok
19:16:35.0621 0x1088  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:16:35.0698 0x1088  SkypeUpdate - ok
19:16:35.0788 0x1088  [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost         C:\WINDOWS\System32\smphost.dll
19:16:35.0899 0x1088  smphost - ok
19:16:35.0991 0x1088  [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
19:16:36.0144 0x1088  SmsRouter - ok
19:16:36.0317 0x1088  [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
19:16:36.0410 0x1088  SNMPTRAP - ok
19:16:36.0535 0x1088  [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
19:16:36.0629 0x1088  spaceport - ok
19:16:36.0691 0x1088  [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
19:16:36.0770 0x1088  SpbCx - ok
19:16:36.0879 0x1088  [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
19:16:37.0051 0x1088  Spooler - ok
19:16:37.0645 0x1088  [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
19:16:38.0192 0x1088  sppsvc - ok
19:16:38.0302 0x1088  [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:16:38.0427 0x1088  srv - ok
19:16:38.0520 0x1088  [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
19:16:38.0677 0x1088  srv2 - ok
19:16:38.0739 0x1088  [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:16:38.0833 0x1088  srvnet - ok
19:16:38.0927 0x1088  [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:16:39.0036 0x1088  SSDPSRV - ok
19:16:39.0161 0x1088  [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
19:16:39.0271 0x1088  SstpSvc - ok
19:16:39.0631 0x1088  [ 78760751FBCB900F6F68CA1700DAE2DC, 356914797056B11745E18ECD033B8DC801C3C3DD6C5127FCD430A02C4FDD34A9 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:16:40.0037 0x1088  StateRepository - ok
19:16:40.0099 0x1088  [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
19:16:40.0162 0x1088  stexstor - ok
19:16:40.0271 0x1088  [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
19:16:40.0412 0x1088  stisvc - ok
19:16:40.0490 0x1088  [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
19:16:40.0553 0x1088  storahci - ok
19:16:40.0631 0x1088  [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
19:16:40.0709 0x1088  storflt - ok
19:16:40.0787 0x1088  [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
19:16:40.0849 0x1088  stornvme - ok
19:16:40.0928 0x1088  [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
19:16:41.0115 0x1088  storqosflt - ok
19:16:41.0178 0x1088  [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
19:16:41.0350 0x1088  StorSvc - ok
19:16:41.0412 0x1088  [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
19:16:41.0491 0x1088  storufs - ok
19:16:41.0553 0x1088  [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
19:16:41.0616 0x1088  storvsc - ok
19:16:41.0694 0x1088  [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc           C:\WINDOWS\system32\svsvc.dll
19:16:41.0787 0x1088  svsvc - ok
19:16:42.0459 0x1088  [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
19:16:42.0522 0x1088  swenum - ok
19:16:42.0616 0x1088  [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv           C:\WINDOWS\System32\swprv.dll
19:16:42.0787 0x1088  swprv - ok
19:16:42.0881 0x1088  [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:16:42.0975 0x1088  Synth3dVsc - ok
19:16:43.0178 0x1088  [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain         C:\WINDOWS\system32\sysmain.dll
19:16:43.0584 0x1088  SysMain - ok
19:16:43.0678 0x1088  [ D5AAA188C70146977CFEE8D128599F3F, 9ABC30982E552EAF41FE84397EEEE5A3187444062C662D7CF35A03E3B274AFB8 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:16:43.0881 0x1088  SystemEventsBroker - ok
19:16:43.0975 0x1088  [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:16:44.0275 0x1088  TabletInputService - ok
19:16:44.0385 0x1088  [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:16:44.0494 0x1088  TapiSrv - ok
19:16:44.0686 0x1088  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
19:16:44.0967 0x1088  Tcpip - ok
19:16:45.0348 0x1088  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
19:16:45.0579 0x1088  Tcpip6 - ok
19:16:45.0695 0x1088  [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
19:16:45.0804 0x1088  tcpipreg - ok
19:16:45.0902 0x1088  [ D42AC03ACF9CA67693D1D9BB4D2A0BC8, D39D5180F3CDB23B4551A8C98F3C92A960B4CC9FA48E0FE11A6D89B0C247783F ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
19:16:45.0991 0x1088  tdx - ok
19:16:46.0053 0x1088  [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
19:16:46.0116 0x1088  terminpt - ok
19:16:46.0334 0x1088  [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService     C:\WINDOWS\System32\termsrv.dll
19:16:46.0522 0x1088  TermService - ok
19:16:46.0616 0x1088  [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes          C:\WINDOWS\system32\themeservice.dll
19:16:46.0725 0x1088  Themes - ok
19:16:46.0850 0x1088  [ 8D23F0819A00C547814409B734DD3747, 0E1B25A53C84486F8A57F309F3C016114F90F5AF5E576889BD230931F38594A5 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
19:16:47.0084 0x1088  tiledatamodelsvc - ok
19:16:47.0178 0x1088  [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
19:16:47.0303 0x1088  TimeBroker - ok
19:16:47.0397 0x1088  [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
19:16:47.0475 0x1088  TPM - ok
19:16:47.0569 0x1088  [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
19:16:47.0662 0x1088  TrkWks - ok
19:16:47.0787 0x1088  [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:16:47.0928 0x1088  TrustedInstaller - ok
19:16:48.0036 0x1088  [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
19:16:48.0161 0x1088  TsUsbFlt - ok
19:16:48.0208 0x1088  [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:16:48.0302 0x1088  TsUsbGD - ok
19:16:48.0396 0x1088  [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
19:16:48.0630 0x1088  tunnel - ok
19:16:48.0693 0x1088  [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
19:16:48.0755 0x1088  uagp35 - ok
19:16:48.0865 0x1088  [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
19:16:48.0927 0x1088  UASPStor - ok
19:16:49.0021 0x1088  [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
19:16:49.0146 0x1088  UcmCx0101 - ok
19:16:49.0240 0x1088  [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
19:16:49.0522 0x1088  UcmUcsi - ok
19:16:49.0584 0x1088  [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
19:16:49.0662 0x1088  Ucx01000 - ok
19:16:49.0729 0x1088  [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
19:16:49.0851 0x1088  UdeCx - ok
19:16:49.0929 0x1088  [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
19:16:50.0054 0x1088  udfs - ok
19:16:50.0116 0x1088  [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
19:16:50.0179 0x1088  UEFI - ok
19:16:50.0241 0x1088  [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
19:16:50.0319 0x1088  Ufx01000 - ok
19:16:50.0366 0x1088  [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
19:16:50.0429 0x1088  UfxChipidea - ok
19:16:50.0491 0x1088  [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:16:50.0569 0x1088  ufxsynopsys - ok
19:16:50.0726 0x1088  [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
19:16:50.0819 0x1088  UI0Detect - ok
19:16:50.0882 0x1088  [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
19:16:50.0960 0x1088  uliagpkx - ok
19:16:51.0038 0x1088  [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
19:16:51.0163 0x1088  umbus - ok
19:16:51.0226 0x1088  [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
19:16:51.0321 0x1088  UmPass - ok
         

Alt 19.11.2015, 19:22   #8
misterfuxi
 
Facebook virus - Standard

Facebook virus



Code:
ATTFilter
19:16:51.0415 0x1088  [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
19:16:51.0539 0x1088  UmRdpService - ok
19:16:51.0680 0x1088  [ 0D5C9E27E93AAEA3E30A1E59A7AC3DFF, 31A203DA03877E6B887930990C5BB53402F0DFFB22A6F8FC5A34EF0B99CD8A7E ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
19:16:51.0914 0x1088  UnistoreSvc - ok
19:16:52.0196 0x1088  [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:16:52.0352 0x1088  upnphost - ok
19:16:52.0430 0x1088  [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
19:16:52.0493 0x1088  UrsChipidea - ok
19:16:52.0555 0x1088  [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
19:16:52.0618 0x1088  UrsCx01000 - ok
19:16:52.0696 0x1088  [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
19:16:52.0758 0x1088  UrsSynopsys - ok
19:16:52.0821 0x1088  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
19:16:53.0039 0x1088  USBAAPL64 - ok
19:16:53.0118 0x1088  [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
19:16:53.0211 0x1088  usbccgp - ok
19:16:53.0289 0x1088  [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
19:16:53.0399 0x1088  usbcir - ok
19:16:53.0571 0x1088  [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
19:16:53.0664 0x1088  usbehci - ok
19:16:53.0868 0x1088  [ 0A368247A900656CC0678117DFC3A87C, 9BEAD14DA067439D913F609955E95CFA0B88ED4F1BC60B473E00F9D9CBC01B9C ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
19:16:53.0993 0x1088  usbhub - ok
19:16:54.0149 0x1088  [ C08449092043601887A1743350888635, 5CD916649D2CD8823B89C9E7459AD76AA8E54D70B6D9F40AD4A41144E22ACBE0 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
19:16:54.0289 0x1088  USBHUB3 - ok
19:16:54.0383 0x1088  [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
19:16:54.0680 0x1088  usbohci - ok
19:16:54.0727 0x1088  [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
19:16:54.0821 0x1088  usbprint - ok
19:16:54.0915 0x1088  [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
19:16:55.0196 0x1088  usbser - ok
19:16:55.0258 0x1088  [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:16:55.0329 0x1088  USBSTOR - ok
19:16:55.0423 0x1088  [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
19:16:55.0516 0x1088  usbuhci - ok
19:16:55.0595 0x1088  [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:16:55.0673 0x1088  USBXHCI - ok
19:16:55.0813 0x1088  [ 32212C0FE0556915E763C29DEB6D267E, C5BC9DA3AB0C41604E8F3D01AFC2C25351FF5D3967E766DD0CDB4C0239ED6312 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
19:16:56.0048 0x1088  UserDataSvc - ok
19:16:56.0266 0x1088  [ 19DB66E644058AA880AE20144FA40839, 3622EBD3E203C436000947666E7CDF9B075951CC1929241CCCDB123F55F93E46 ] UserManager     C:\WINDOWS\System32\usermgr.dll
19:16:56.0470 0x1088  UserManager - ok
19:16:56.0595 0x1088  [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
19:16:56.0923 0x1088  UsoSvc - ok
19:16:56.0985 0x1088  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
19:16:57.0048 0x1088  VaultSvc - ok
19:16:57.0095 0x1088  [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
19:16:57.0157 0x1088  vdrvroot - ok
19:16:57.0298 0x1088  [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds             C:\WINDOWS\System32\vds.exe
19:16:57.0455 0x1088  vds - ok
19:16:57.0549 0x1088  [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
19:16:57.0627 0x1088  VerifierExt - ok
19:16:57.0783 0x1088  [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
19:16:57.0893 0x1088  vhdmp - ok
19:16:57.0940 0x1088  [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
19:16:58.0049 0x1088  vhf - ok
19:16:58.0143 0x1088  [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
19:16:58.0205 0x1088  vmbus - ok
19:16:58.0252 0x1088  [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
19:16:58.0330 0x1088  VMBusHID - ok
19:16:58.0440 0x1088  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
19:16:58.0565 0x1088  vmicguestinterface - ok
19:16:58.0627 0x1088  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
19:16:58.0752 0x1088  vmicheartbeat - ok
19:16:58.0815 0x1088  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
19:16:58.0924 0x1088  vmickvpexchange - ok
19:16:59.0002 0x1088  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
19:16:59.0127 0x1088  vmicrdv - ok
19:16:59.0221 0x1088  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
19:16:59.0325 0x1088  vmicshutdown - ok
19:16:59.0424 0x1088  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
19:16:59.0542 0x1088  vmictimesync - ok
19:16:59.0614 0x1088  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
19:16:59.0738 0x1088  vmicvmsession - ok
19:16:59.0806 0x1088  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
19:16:59.0915 0x1088  vmicvss - ok
19:16:59.0978 0x1088  [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
19:17:00.0056 0x1088  volmgr - ok
19:17:00.0150 0x1088  [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
19:17:00.0265 0x1088  volmgrx - ok
19:17:00.0335 0x1088  [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
19:17:00.0429 0x1088  volsnap - ok
19:17:00.0488 0x1088  [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
19:17:00.0555 0x1088  vpci - ok
19:17:00.0619 0x1088  [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
19:17:00.0694 0x1088  vsmraid - ok
19:17:00.0838 0x1088  [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS             C:\WINDOWS\system32\vssvc.exe
19:17:01.0049 0x1088  VSS - ok
19:17:01.0158 0x1088  [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
19:17:01.0252 0x1088  VSTXRAID - ok
19:17:01.0315 0x1088  [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
19:17:01.0440 0x1088  vwifibus - ok
19:17:01.0486 0x1088  [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
19:17:01.0580 0x1088  vwififlt - ok
19:17:01.0721 0x1088  [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time         C:\WINDOWS\system32\w32time.dll
19:17:01.0861 0x1088  W32Time - ok
19:17:01.0971 0x1088  [ 9776E4816D92B766F461957FBDA84360, 048F6ADC97767AFAB50582D0AE1E67A15B038A1C02F7982A6AD30B61AC5C7369 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
19:17:02.0111 0x1088  w3logsvc - ok
19:17:02.0221 0x1088  [ F61FA0EDBE913DFCA0CF012FDD9E99EE, DE8685230D49F940640F400D2EC4F10E677AF6D57B3FAB0342AA98BEA779D6AD ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
19:17:02.0486 0x1088  W3SVC - ok
19:17:02.0596 0x1088  [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
19:17:02.0674 0x1088  WacomPen - ok
19:17:02.0799 0x1088  [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService   C:\WINDOWS\system32\WalletService.dll
19:17:02.0971 0x1088  WalletService - ok
19:17:03.0033 0x1088  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:17:03.0143 0x1088  wanarp - ok
19:17:03.0190 0x1088  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:17:03.0268 0x1088  wanarpv6 - ok
19:17:03.0393 0x1088  [ F61FA0EDBE913DFCA0CF012FDD9E99EE, DE8685230D49F940640F400D2EC4F10E677AF6D57B3FAB0342AA98BEA779D6AD ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
19:17:03.0518 0x1088  WAS - ok
19:17:03.0752 0x1088  [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine        C:\WINDOWS\system32\wbengine.exe
19:17:04.0049 0x1088  wbengine - ok
19:17:04.0190 0x1088  [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
19:17:04.0424 0x1088  WbioSrvc - ok
19:17:04.0580 0x1088  [ A40484AC27EE08DBE7F8DA5E1F6651ED, E3259694450C4F1DEC5E0EA5E23BF3A51F1819374DF47FECF70282AFD46114A1 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
19:17:04.0799 0x1088  Wcmsvc - ok
19:17:04.0924 0x1088  [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
19:17:05.0080 0x1088  wcncsvc - ok
19:17:05.0143 0x1088  [ 9C776ED423CD03F8ABD54C2557E34416, 282C1208977070EC0280D5ABA0E03A847AEAEE31F35CDAA3C7A02D8477614EB1 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
19:17:05.0277 0x1088  WcsPlugInService - ok
19:17:05.0374 0x1088  [ C8BA574B3BA6AE88741AC86B1FE3C1DC, B2422CDE3A6A27B52D270D24298FF69D91D389C68456EC1805BA30AA59BAB839 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
19:17:05.0446 0x1088  WdBoot - ok
19:17:05.0659 0x1088  [ 927AD29D7F91B9A0C5294932374DA15E, ABB2722EF4153771D15683B5CE603D2B7D8A585357F64A3DC26114F37BE2906E ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
19:17:05.0827 0x1088  Wdf01000 - ok
19:17:06.0005 0x1088  [ C5BB7C612B4C852836BEA39593BA5F46, 1E2B123F34500C2A8E983AAAF7F14E409B88DC396A655F19F3E7F15D0C51A762 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
19:17:06.0103 0x1088  WdFilter - ok
19:17:06.0266 0x1088  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
19:17:06.0553 0x1088  WdiServiceHost - ok
19:17:06.0604 0x1088  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
19:17:06.0700 0x1088  WdiSystemHost - ok
19:17:06.0802 0x1088  [ 9B2039C5673EEBF1D4E34ABC0AFB88C7, BBC85546BD86B9027426DAF148194CFE992B80FF89311B28BE0BD82C88630E8C ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:17:07.0386 0x1088  wdiwifi - ok
19:17:07.0455 0x1088  [ BD193A7BD34B2E829FAF56306FEE3B09, ADD746D198E21242CEFA01840952B792074EFC473113CD3E7F1ABBA6A4E26AF6 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:17:07.0523 0x1088  WdNisDrv - ok
19:17:07.0602 0x1088  WdNisSvc - ok
19:17:07.0711 0x1088  [ 6A3B5013D5C7840E8CABD63DD021C112, 371CCEEAC7816CFE79ACA8A218CDA16469D9567CB63CC9D18C55FF047011EF25 ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:17:07.0820 0x1088  WebClient - ok
19:17:07.0930 0x1088  [ EED4043BC3C2D00067411730EE118354, 5E268DA4DB78C06D8F181E9408B4769F8A12C38DA52C1E986EE0CEE1101E9485 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
19:17:08.0055 0x1088  Wecsvc - ok
19:17:08.0117 0x1088  [ 6ECD7A49AFC6533821BEEA1876CEB21D, 2E972245F56F589EF1AB9DABB9214B9DE6E290878735476323A3357D8CDFC71F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
19:17:08.0226 0x1088  WEPHOSTSVC - ok
19:17:08.0289 0x1088  [ 09B434867028AF4895A87959EA668686, 26A7DB82E42DCBF3A77092D58AC6392754FD7C538B9EAAEFA88E9AF81DFE8E96 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
19:17:08.0445 0x1088  wercplsupport - ok
19:17:08.0523 0x1088  [ DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
19:17:08.0648 0x1088  WerSvc - ok
19:17:08.0711 0x1088  wfpcapture - ok
19:17:08.0789 0x1088  [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
19:17:08.0898 0x1088  WFPLWFS - ok
19:17:08.0976 0x1088  [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
19:17:09.0086 0x1088  WiaRpc - ok
19:17:09.0195 0x1088  [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
19:17:09.0305 0x1088  WIMMount - ok
19:17:09.0351 0x1088  WinDefend - ok
19:17:09.0523 0x1088  [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:17:09.0601 0x1088  WindowsTrustedRT - ok
19:17:09.0664 0x1088  [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:17:09.0711 0x1088  WindowsTrustedRTProxy - ok
19:17:09.0867 0x1088  [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:17:10.0227 0x1088  WinHttpAutoProxySvc - ok
19:17:10.0320 0x1088  [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
19:17:10.0398 0x1088  WinMad - ok
19:17:10.0573 0x1088  [ 73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:17:10.0807 0x1088  Winmgmt - ok
19:17:11.0229 0x1088  [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:17:11.0588 0x1088  WinRM - ok
19:17:11.0792 0x1088  [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
19:17:11.0917 0x1088  WINUSB - ok
19:17:11.0995 0x1088  [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
19:17:12.0073 0x1088  WinVerbs - ok
19:17:12.0480 0x1088  [ 3C096082A9232B7CEE4653B9C9031769, CFD4C7D0874097ED70735FD99206F21C12749B7956C4B5D4287F160EC6A21DCC ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
19:17:12.0839 0x1088  WlanSvc - ok
19:17:12.0964 0x1088  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:17:13.0042 0x1088  wlcrasvc - ok
19:17:13.0324 0x1088  [ 0968D575D9108497A6DC37749D4A6C4F, 8BFEDBE642DA0FD8AC1E60180C192527F3D36E43089090A7BB6D8B27AB6E4F7F ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
19:17:13.0745 0x1088  wlidsvc - ok
19:17:13.0808 0x1088  [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
19:17:13.0902 0x1088  WmiAcpi - ok
19:17:14.0027 0x1088  [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:17:14.0120 0x1088  wmiApSrv - ok
19:17:14.0183 0x1088  WMPNetworkSvc - ok
19:17:14.0292 0x1088  [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
19:17:14.0355 0x1088  Wof - ok
19:17:14.0745 0x1088  [ C7503A49364DB2AF7A7DE177B233081F, 85DC6D8B5631E51FCF395A884F58571A96C8C55C38CA9ABEBD9C75BABAD21E38 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
19:17:15.0136 0x1088  workfolderssvc - ok
19:17:15.0230 0x1088  [ 388F2A3C771B8BEE76FD1AAF9614D08E, C064EC6136CC20C4EE19C86E91CA071974933BB52C9EF8521DF4AFD060FED4A2 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
19:17:15.0292 0x1088  wpcfltr - ok
19:17:15.0418 0x1088  [ A6FCFE1F691B4A4D266F5D487FADB9FE, 2135D0C13C1295A2F76885E380CD72CB71CEB8E0D9F1C183A35935B27737D423 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
19:17:15.0542 0x1088  WPDBusEnum - ok
19:17:15.0636 0x1088  [ 37DCE976B3935380F2F6E39ABB6BF40D, B14E875F6D6503DF0DB6D9D2363316073AEEF394D830EA2270A0DCDA56E1CEC4 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:17:15.0697 0x1088  WpdUpFltr - ok
19:17:15.0790 0x1088  [ 80F0154FD4293E562D54E97811E03499, EDE920F7F95EFBE542FE3CE066B6F7CDE3B9A37DDF3411DC86EACE9EEF294C1D ] WpnService      C:\WINDOWS\system32\WpnService.dll
19:17:15.0915 0x1088  WpnService - ok
19:17:15.0978 0x1088  [ 3CD22DD5A790CF7C24D65455E565EA83, 49DB06DF6F38940E7F8691C16586A78BB20E702FD48A34E50987C06B08BDF4DB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:17:16.0072 0x1088  ws2ifsl - ok
19:17:16.0181 0x1088  [ EBA916109A176714E6A7BD152387F13C, 7B38B1708B83271ADA8D1CEC7F5F0A75C7F2572185C0961EFC749D5DF16A03F0 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
19:17:16.0290 0x1088  wscsvc - ok
19:17:16.0353 0x1088  WSearch - ok
19:17:16.0948 0x1088  [ 9EB85802AB625970E05879D15DE56335, B7DCE5E1924A5CEE76CC07FF3B8CEDBBD0DDBB4C4ED0A3BFB8D1ABCAD7C0AA23 ] WSService       C:\WINDOWS\System32\WSService.dll
19:17:17.0283 0x1088  WSService - ok
19:17:17.0634 0x1088  [ B70FF53144AC4B3C7D98BFB7D7C239BD, 996F6253F24C6D734B777988CDE03CD3A32FFBAD6D7A198F1C590B762CD8DC0E ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
19:17:18.0060 0x1088  wuauserv - ok
19:17:18.0185 0x1088  [ 835F60262E7E310080EA05F6752BF248, 3010B731DF3D52B56EA16FD29B66F5D3AB9412E49CA4C547BAAECA3225C5DC40 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
19:17:18.0357 0x1088  WudfPf - ok
19:17:18.0435 0x1088  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
19:17:18.0560 0x1088  WUDFRd - ok
19:17:18.0701 0x1088  [ 44CF3130AEC8914705487C4AEF756A19, 30B09E32DEC02141F9B99ED012E441056C1663A72E4130EF4221ECC0ED87BF4B ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
19:17:18.0810 0x1088  wudfsvc - ok
19:17:18.0873 0x1088  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:17:18.0962 0x1088  WUDFWpdFs - ok
19:17:19.0122 0x1088  [ D23F211E1AA0787EFEC373D172D4A1C2, 6CCAB272D121C9946B2CF6B19F50E09946F0187713D54BFBD371B5C017367204 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
19:17:19.0418 0x1088  WwanSvc - ok
19:17:19.0575 0x1088  [ 9BDC2AFCEF4CF1C630D728DE1DBD495A, 5CE19974380CCEC46C181315B349E9A7CE757E19118EC5978A2293D63268BA66 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
19:17:19.0823 0x1088  XblAuthManager - ok
19:17:19.0979 0x1088  [ 3EDB6162310EA223890C2DF44C68358B, 12053291809CA9C38A30EA4B2DE7115F535531F0925220C63B0312979F9CC707 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
19:17:20.0271 0x1088  XblGameSave - ok
19:17:20.0407 0x1088  [ 30021D1E0407B71E8D5D4F8DAE4E656A, EE2E366A1CC033C068176C7E9F876FFA0EF86A15A482B6964E170DE863CFF542 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
19:17:20.0602 0x1088  xboxgip - ok
19:17:20.0754 0x1088  [ 729B70C81F207541BC6A4ABAE3A8D594, 31F9BC41169D28B397C0D988C367C32FA9A95289E68AB8F38061DA478752A765 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
19:17:21.0005 0x1088  XboxNetApiSvc - ok
19:17:21.0070 0x1088  [ 6851673B90D8CB332439E0339F81A6B6, 4E95F1A63E6DD58BB5BD6FC1D9784837D5E6F5BCF870C7ECC92DCA1AF20B6A4C ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
19:17:21.0156 0x1088  xinputhid - ok
19:17:21.0204 0x1088  ================ Scan global ===============================
19:17:21.0257 0x1088  [ C6BC6E49A7F76AA2BBA58CD08196755F, D02B6B285899E966D19323566A4780D51303D00E66674D7FF4B61991430A69A6 ] C:\WINDOWS\system32\basesrv.dll
19:17:21.0309 0x1088  [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll
19:17:21.0352 0x1088  [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll
19:17:21.0401 0x1088  [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe
19:17:21.0432 0x1088  [ Global ] - ok
19:17:21.0434 0x1088  ================ Scan MBR ==================================
19:17:21.0449 0x1088  [ DD45FA6627B306E080D1D2542102EBDD ] \Device\Harddisk0\DR0
19:17:23.0073 0x1088  \Device\Harddisk0\DR0 - ok
19:17:23.0073 0x1088  ================ Scan VBR ==================================
19:17:23.0104 0x1088  [ B4C88324D7AEE3613410304ED9784D50 ] \Device\Harddisk0\DR0\Partition1
19:17:23.0135 0x1088  \Device\Harddisk0\DR0\Partition1 - ok
19:17:23.0182 0x1088  [ 8155AD0DEDA3C7BF017D0DCD7A5D987B ] \Device\Harddisk0\DR0\Partition2
19:17:23.0229 0x1088  \Device\Harddisk0\DR0\Partition2 - ok
19:17:23.0260 0x1088  [ 67D154497AF48DC06597FEB269FC4665 ] \Device\Harddisk0\DR0\Partition3
19:17:23.0260 0x1088  \Device\Harddisk0\DR0\Partition3 - ok
19:17:23.0276 0x1088  ================ Scan generic autorun ======================
19:17:23.0385 0x1088  [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
19:17:23.0432 0x1088  hpsysdrv - ok
19:17:23.0541 0x1088  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\WINDOWS\WindowsMobile\wmdc.exe
19:17:23.0635 0x1088  Windows Mobile Device Center - ok
19:17:23.0745 0x1088  [ 1BF113E377E570DB915EE7D228E594D6, FF4D198D412CA21C49E0A3E6FE52EAD69786B305429095B5BD25CB4FAFD33B51 ] C:\Program Files\iTunes\iTunesHelper.exe
19:17:23.0807 0x1088  iTunesHelper - ok
19:17:23.0887 0x1088  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
19:17:23.0949 0x1088  HP Software Update - ok
19:17:25.0028 0x1088  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:17:25.0620 0x1088  OneDriveSetup - ok
19:17:26.0419 0x1088  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:17:27.0004 0x1088  OneDriveSetup - ok
19:17:27.0594 0x1088  [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\Hons\AppData\Local\Akamai\netsession_win.exe
19:17:27.0969 0x1088  Akamai NetSession Interface - ok
19:17:28.0894 0x1088  [ 305A7F831EFC150B60C6D20F91093FBB, 8DADC8D01185D70CDFDEB8B0BAF7395CF6FAEAE2BF60E7C2597B680686C581D5 ] C:\Program Files (x86)\ManyCam\ManyCam.exe
19:17:29.0630 0x1088  ManyCam - ok
19:17:29.0877 0x1088  [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\Hons\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:17:29.0955 0x1088  OneDrive - ok
19:17:30.0645 0x1088  [ B9715F3793A2F859632C3BF0E1D9113A, 351595070137579B307B69680AC3FB8BED934172BFB4710CB4051620398A36FA ] C:\Program Files\CCleaner\CCleaner64.exe
19:17:31.0279 0x1088  CCleaner Monitoring - ok
19:17:31.0310 0x1088  Waiting for KSN requests completion. In queue: 199
19:17:32.0326 0x1088  Waiting for KSN requests completion. In queue: 199
19:17:33.0342 0x1088  Waiting for KSN requests completion. In queue: 199
19:17:33.0716 0x0598  Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip
19:17:34.0342 0x1088  Waiting for KSN requests completion. In queue: 146
19:17:35.0358 0x1088  Waiting for KSN requests completion. In queue: 146
19:17:36.0216 0x0598  Object send P2P result: true
19:17:36.0216 0x0598  Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip6
19:17:36.0373 0x1088  Waiting for KSN requests completion. In queue: 145
19:17:37.0373 0x1088  Waiting for KSN requests completion. In queue: 145
19:17:38.0375 0x1088  Waiting for KSN requests completion. In queue: 145
19:17:38.0769 0x0598  Object send P2P result: true
19:17:38.0795 0x0598  Object required for P2P: [ 0968D575D9108497A6DC37749D4A6C4F ] wlidsvc
19:17:39.0376 0x1088  Waiting for KSN requests completion. In queue: 33
19:17:40.0382 0x1088  Waiting for KSN requests completion. In queue: 33
19:17:41.0366 0x0598  Object send P2P result: true
19:17:41.0554 0x1088  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x61100 ( enabled : updated )
19:17:48.0578 0x1088  AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe ( 10.0.0.5409 ), 0x40010 ( disabled : outofdate )
19:17:48.0640 0x1088  Win FW state via NFP2: enabled ( trusted )
19:17:51.0073 0x1088  ============================================================
19:17:51.0073 0x1088  Scan finished
19:17:51.0073 0x1088  ============================================================
19:17:51.0099 0x169c  Detected object count: 0
19:17:51.0099 0x169c  Actual detected object count: 0
         

Alt 20.11.2015, 16:39   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Facebook virus - Standard

Facebook virus



PC ist sauber.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.11.2015, 19:01   #10
misterfuxi
 
Facebook virus - Standard

Facebook virus



vielen herzlichen dank für die mühe!

bitte closen

Alt 21.11.2015, 19:44   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Facebook virus - Standard

Facebook virus



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Facebook virus
befallen, facebook, facebook virus, gehackt, gruppe, gruppen, namen, nicht, nicht sicher, troja, trojaner, vater, virus



Ähnliche Themen: Facebook virus


  1. Facebook (Virus)
    Plagegeister aller Art und deren Bekämpfung - 30.11.2014 (1)
  2. Facebook-Virus
    Plagegeister aller Art und deren Bekämpfung - 03.11.2011 (26)
  3. Facebook Virus
    Plagegeister aller Art und deren Bekämpfung - 27.10.2011 (7)
  4. Facebook-Virus
    Plagegeister aller Art und deren Bekämpfung - 23.10.2011 (28)
  5. Facebook Virus
    Log-Analyse und Auswertung - 17.10.2011 (1)
  6. Facebook Virus!
    Plagegeister aller Art und deren Bekämpfung - 05.09.2011 (9)
  7. Facebook virus
    Plagegeister aller Art und deren Bekämpfung - 28.08.2011 (3)
  8. Facebook Virus - als .jpg getarnte .scr Datei - vermutlich Virus?
    Log-Analyse und Auswertung - 23.08.2011 (22)
  9. facebook virus
    Log-Analyse und Auswertung - 23.08.2011 (1)
  10. Facebook-Virus
    Plagegeister aller Art und deren Bekämpfung - 19.08.2011 (3)
  11. Facebook Virus :/
    Log-Analyse und Auswertung - 16.08.2011 (1)
  12. Zuerst Facebook-Virus-Neu aufgesetzt,cpu Auslastung 100%,bei Facebook-Games extrem lahm!
    Log-Analyse und Auswertung - 03.02.2011 (11)
  13. Facebook Virus
    Log-Analyse und Auswertung - 13.01.2011 (13)
  14. facebook virus
    Diskussionsforum - 02.01.2011 (17)
  15. Facebook Virus
    Plagegeister aller Art und deren Bekämpfung - 22.12.2010 (18)
  16. Skype - Facebook Virus foto :P h**p://facebook.twitterbizzer.com/member_profile.php
    Plagegeister aller Art und deren Bekämpfung - 27.08.2010 (6)
  17. MSN VIRUS von FACEBOOK
    Plagegeister aller Art und deren Bekämpfung - 22.02.2010 (12)

Zum Thema Facebook virus - hallo, der fb acc von meinen Vater wurde gehackt und wurde über seinen namen in gruppen geposted usw... jetzt bin ich mir nicht sicher ob auch ein Trojaner den PC - Facebook virus...
Archiv
Du betrachtest: Facebook virus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.